CVE-2022-47945: Inclusion of Functionality from Untrusted Control Sphere

December 23, 2022 (updated August 8, 2023)

ThinkPHP Framework before 6.0.14 allows local file inclusion via the lang parameter when the language pack feature is enabled (lang_switch_on=true). An unauthenticated and remote attacker can exploit this to execute arbitrary operating system commands, as demonstrated by including pearcmd.php.

References

github.com/top-think/framework/commit/c4acb8b4001b98a0078eda25840d33e295a7f099
github.com/top-think/framework/compare/v6.0.13...v6.0.14
nvd.nist.gov/vuln/detail/CVE-2022-47945
tttang.com/archive/1865/

Detect and mitigate CVE-2022-47945 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →