CRITICAL🇵🇱 Wersja polska

CVE-2024-48112

CVSS 9.8v3.1pub. 2024-10-30upd. 2025-06-17

A deserialization vulnerability in the component \controller\Index.php of Thinkphp v6.1.3 to v8.0.4 allows attackers to execute arbitrary code.

🤖 AI Analysis
How it works

The vulnerability results from unsafe deserialization of user-supplied input data in the \controller\Index.php component. An attacker can submit a specially crafted malicious serialized payload (known as a gadget chain), which is executed by the server with application privileges during the deserialization process. The mechanism (CWE-502) relies on the fact that the application deserializes data from an untrusted source without proper validation of its contents, enabling manipulation of execution logic.

Impact

An attacker can gain full control over the server — execute arbitrary code (RCE), read or modify data, and cause complete compromise of system confidentiality, integrity, and availability.

Mitigation & patch

Apply patches available from the vendor according to references. It is recommended to immediately update the ThinkPHP framework to a version higher than 8.0.4 and monitor project repositories (https://github.com/top-think/think) to track security fix releases.

Who is affected

ThinkPHP in versions 6.1.3 through 8.0.4 (\controller\Index.php component)

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Thinkphp

    APP
    Thinkphp
    6.1.3 – 8.0.4
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCEDeserialization
CWE
References

Related vulnerabilities

CVE-2018-25270CRITICAL9.3PL ✓ten sam produkt

ThinkPHP 5.0.23 — zdalne wykonanie kodu przez parametr routingu (RCE)

CVE-2025-63888CRITICAL9.8PL ✓ten sam produkt

RCE w funkcji read sterownika szablonów ThinkPHP 5.0.24

CVE-2025-50707CRITICAL9.8PL ✓ten sam produkt

RCE w ThinkPHP 3 — wykonanie kodu przez komponent index.php

CVE-2025-50706CRITICAL9.8PL ✓ten sam produkt

RCE w ThinkPHP 5.1 przez funkcję routecheck

CVE-2024-44902CRITICAL9.8PL ✓ten sam produkt

Krytyczna podatność deserialization RCE w ThinkPHP v6.1.3–v8.0.4