ThinkPHP Remote Code

ThinkPHP Remote Code Execution Vulnerability Handling Guide

December 17, 2018

1 Vulnerability Overview Recently, ThinkPHP posted a blog, announcing the release of an update that addresses a high-risk remote code execution (RCE) vulnerability. This vulnerability stems from the framework’s insufficient checks on controller names, which, in case forced routing is not enabled, would allow arbitrary code execution or even access to the server. ThinkPHP is […]

Search

Subscribe to the NSFOCUS Blog