ThinkPHP is an open-source framework for web application development, licensed under the Apache 2 licence. In ThinkPHP 5.0.22 the framework processes controller names incorrectly: because root controllers are not subject to any specific filtering, an attacker can invoke any framework method, resulting in an RCE (Remote Code Execution) vulnerability. Threat actors are aggressively exploiting ThinkPHP to spread a wide range of malware, primarily aimed at Internet of Things (IoT) devices.
Impact
In the ThinkPHP framework, a specially crafted value in the filter HTTP parameter can lead to arbitrary code execution.
Mitigation / Precaution
We suggest updating to ThinkPHP version 5.0.23 / 5.1.31 or higher in order to fix this vulnerability.
Alternatively, apply the patch directly: in ThinkPHP 5.0, add the following code at line 554 of thinkphp/library/think/App.php; in ThinkPHP 5.1, at line 63 of thinkphp/library/think/route/dispatch/Url.php.
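As an added example (not the page's or ThinkPHP's own code), the check below applies the kind of whitelist validation the fixed versions add at the spot named above: the controller name taken from the route is verified before it is resolved to a class, and anything containing namespace or path separators is refused. The function names, the target namespace, the exception class and the exact regex are this example's assumptions.

```php
<?php
// Added example, not ThinkPHP's own code: whitelist validation of a controller
// name before the framework resolves it. Regex, names and namespace are
// assumptions made for this example. Requires PHP 7 or later.

// Allow only names that start with a letter and then contain letters, digits,
// underscores or dots. Namespace separators (\), path separators (/) and any
// other metacharacter fail the match.
const CONTROLLER_NAME_PATTERN = '/^[A-Za-z](\w|\.)*$/';

function isValidControllerName(string $controller): bool
{
    return preg_match(CONTROLLER_NAME_PATTERN, $controller) === 1;
}

// Resolve a route controller name to a class inside one fixed namespace, or
// fail closed with a 404-style exception, the same fail-closed shape as the
// upstream fix. The namespace default is an assumption for this example.
function resolveController(string $controller, string $namespace = 'app\\index\\controller'): string
{
    if (!isValidControllerName($controller)) {
        throw new RuntimeException('controller not exists: ' . $controller, 404);
    }
    return $namespace . '\\' . $controller;
}

// Constructed sample inputs: the first two are ordinary controller names, the
// rest try to leave the controller namespace and must be rejected.
$samples = ['Index', 'user.profile', 'Admin\\User', '../Config', 'lib/Helper', '1abc', ''];

foreach ($samples as $name) {
    try {
        echo sprintf("%-14s -> %s\n", var_export($name, true), resolveController($name));
    } catch (RuntimeException $e) {
        echo sprintf("%-14s -> rejected (%s)\n", var_export($name, true), $e->getMessage());
    }
}
```

Running the script prints a resolved class name for the two well-formed inputs and a rejection line for each of the others.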