CVE-2022-47945

ThinkPHP Framework before 6.0.14 allows local file inclusion via the lang parameter when the language pack feature is enabled (lang_switch_on=true). An unauthenticated and remote attacker can exploit this to execute arbitrary operating system commands, as demonstrated by including pearcmd.php.
Configurations

Configuration 1 (hide)

cpe:2.3:a:thinkphp:thinkphp:*:*:*:*:*:*:*:*

History

08 Aug 2023, 14:21

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 9.8
References (MISC) https://github.com/top-think/framework/commit/c4acb8b4001b98a0078eda25840d33e295a7f099 - (MISC) https://github.com/top-think/framework/commit/c4acb8b4001b98a0078eda25840d33e295a7f099 - Patch, Third Party Advisory
References (MISC) https://tttang.com/archive/1865/ - (MISC) https://tttang.com/archive/1865/ - Exploit, Third Party Advisory
References (MISC) https://github.com/top-think/framework/compare/v6.0.13...v6.0.14 - (MISC) https://github.com/top-think/framework/compare/v6.0.13...v6.0.14 - Patch, Third Party Advisory
CWE CWE-22
CPE cpe:2.3:a:thinkphp:thinkphp:*:*:*:*:*:*:*:*

23 Dec 2022, 21:15

Type Values Removed Values Added
New CVE

Information

Published : 2022-12-23 21:15

Updated : 2024-02-05 15:02


NVD link : CVE-2022-47945

Mitre link : CVE-2022-47945

CVE.ORG link : CVE-2022-47945


JSON object : View

Products Affected

thinkphp

  • thinkphp
CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')