2022-11-24 16:42:41 +00:00
id : CVE-2022-25481
info :
name : ThinkPHP 5.0.24 - Information Disclosure
author : caon
2022-11-25 09:59:03 +00:00
severity : high
2022-11-24 18:21:41 +00:00
description : |
2023-02-03 16:18:38 +00:00
ThinkPHP 5.0.24 is susceptible to information disclosure. This version was configured without the PATHINFO parameter. This can allow an attacker to access all system environment parameters from index.php, thereby possibly obtaining sensitive information, modifying data, and/or executing unauthorized operations.
2023-09-06 11:59:08 +00:00
remediation : |
Upgrade to a patched version of ThinkPHP or apply the necessary security patches.
2022-11-24 18:21:41 +00:00
reference :
- https://github.com/Lyther/VulnDiscover/blob/master/Web/ThinkPHP_InfoLeak.md
- https://nvd.nist.gov/vuln/detail/CVE-2022-25481
2022-11-25 09:59:03 +00:00
classification :
cvss-metrics : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score : 7.5
cve-id : CVE-2022-25481
cwe-id : CWE-668
2023-11-10 09:15:01 +00:00
epss-score : 0.01311
2023-11-27 09:19:41 +00:00
epss-percentile : 0.84401
2023-09-06 11:59:08 +00:00
cpe : cpe:2.3:a:thinkphp:thinkphp:5.0.24:*:*:*:*:*:*:*
2022-11-24 18:21:41 +00:00
metadata :
2023-06-04 08:13:42 +00:00
verified : true
2023-09-06 11:59:08 +00:00
max-request : 1
2023-07-11 19:49:27 +00:00
vendor : thinkphp
product : thinkphp
2023-09-06 11:59:08 +00:00
shodan-query : title:"ThinkPHP"
2022-11-25 07:38:40 +00:00
tags : cve,cve2022,thinkphp,exposure,oss
2022-11-24 16:42:41 +00:00
2023-04-27 04:28:59 +00:00
http :
2022-11-24 16:42:41 +00:00
- method : GET
path :
- '{{BaseURL}}/index.php?s=example'
matchers-condition : and
matchers :
2023-06-10 13:33:20 +00:00
- type : word
part : body
words :
- "Exception"
- "REQUEST_TIME"
2023-06-15 04:08:56 +00:00
- "ThinkPHP Constants"
2023-06-10 13:33:20 +00:00
condition : and
2022-11-24 16:42:41 +00:00
- type : status
status :
2023-06-10 13:33:20 +00:00
- 200
- 500
2022-11-24 16:42:41 +00:00
- 404
2023-06-10 13:33:20 +00:00
condition : or
2023-11-27 10:10:24 +00:00
# digest: 4a0a0047304502203c9df39ec5318da6802c38c11b4876b7f2dc0ea9cf790433341816a616462d79022100aeba7b6d850a3e39bb26940feb6e1f727893931bc5ec54698b4058dcf66ec38a:922c64590222798bb761d5b6d8e72950