Hackers Actively Scanning for ThinkPHP Vulnerability, Akamai Says

Started by Antus67, January 19, 2019, 02:43:42 AM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Antus67

By Ionut Arghire on January 18, 2019

There is widespread scanning for a recently disclosed remote code execution vulnerability in the ThinkPHP framework, Akamai reveals.

ThinkPHP, a web framework by TopThink, is a Chinese-made PHP framework used by a large number of web developers in the country. In early December 2018, the framework was revealed to be impacted by a remote code execution bug that could allow an attacker to take over a vulnerable server.

The issue was that user input was not properly sanitized, thus allowing an unauthenticated user to specify their own filter function to execute.

Full Article Here:https://www.securityweek.com/hackers-actively-scanning-thinkphp-vulnerability-akamai-says