logo

CVE-2019-9082 - ThinkPHP Remote Code Execution Vulnerability

CVE-2019-9082

ThinkPHP | ThinkPHP

  • Date Added:
  • 2021-11-03
  • Due Date:
  • 2022-05-03
Vulnerability Name

ThinkPHP Remote Code Execution Vulnerability

Description

ThinkPHP contains an unspecified vulnerability that allows for remote code execution via public//?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]= followed by the command.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply updates per vendor instructions.

Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2019-9082
Related News Articles

Free security scan for your website