Access Control: ThinkPHP 6.0.0~6.0.1 - Arbitrary File Write
Identifier:
thinkphp6_arbitrary_write
Scanner(s) Support
| GraphQL Scanner | REST Scanner | WebApp Scanner | ASM Scanner |
|---|---|---|---|
Description
ThinkPHP 6.0.0~6.0.1 is susceptible to an arbitrary file write vulnerability that can lead to remote code execution: an attacker can write a script file onto the server and take control of it.
How we test: We test for arbitrary file write in ThinkPHP by injecting payloads into the PHPSESSID cookie and analyzing the responses to determine whether files can be written to arbitrary locations, which could lead to remote code execution.
Reference:
- https://community.f5.com/t5/technical-articles/thinkphp-6-0-0-6-0-1-arbitrary-file-write-vulnerability/ta-p/281591
- https://github.com/Loneyers/ThinkPHP6_Anyfile_operation_write
- https://github.com/zan8in/afrog/blob/main/pocs/afrog-pocs/vulnerability/thinkphp-v6-file-write.yaml
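A defender-side check for the same weakness, added here as an example (not code from the scanner or from ThinkPHP): it reads constructed access-log lines and flags PHPSESSID cookie values that are not the 32-character alphanumeric id the patched ThinkPHP session store accepts. That id format, the log layout and the sample lines are assumptions of this example.

```python
# Added example: flag malformed PHPSESSID values in constructed access-log lines.
# Assumes the fixed ThinkPHP session store (6.0.2+) accepts only a 32-character
# alphanumeric id; anything else in the cookie is worth alerting on.
import re
from typing import Iterable, Iterator, Optional, Tuple
from urllib.parse import unquote

VALID_ID = re.compile(r"^[A-Za-z0-9]{32}$")  # format the fix enforces (assumption)
COOKIE_RE = re.compile(r'cookie="([^"]*)"')  # field in the constructed log format


def extract_phpsessid(cookie_header: str) -> Optional[str]:
    """Return the raw PHPSESSID value from a Cookie header, or None if absent."""
    for part in cookie_header.split(";"):
        name, _, value = part.strip().partition("=")
        if name == "PHPSESSID":
            return value
    return None


def classify_session_id(raw: str) -> str:
    """Return 'ok' for a well-formed id, otherwise a short reason it is suspicious."""
    decoded = unquote(raw)  # probes are often percent-encoded
    if VALID_ID.match(decoded):
        return "ok"
    if ".." in decoded or "/" in decoded or "\\" in decoded:
        return "path-traversal"
    if "." in decoded:
        return "file-extension"
    return "malformed"


def scan_log(lines: Iterable[str]) -> Iterator[Tuple[str, str]]:
    """Yield (client_ip, reason) for every request whose PHPSESSID is not valid."""
    for line in lines:
        m = COOKIE_RE.search(line)
        sid = extract_phpsessid(m.group(1)) if m else None
        if sid is None:
            continue
        reason = classify_session_id(sid)
        if reason != "ok":
            yield line.split()[0], reason


# Constructed sample log lines (not real traffic).
SAMPLE_LOG = [
    '10.0.0.5 "GET /index.php" 200 cookie="PHPSESSID=0123456789abcdef0123456789abcdef"',
    '10.0.0.9 "GET /index.php" 200 cookie="PHPSESSID=..%2F..%2Fprobe"',
    '10.0.0.7 "GET /index.php" 200 cookie="PHPSESSID=abc.txt; lang=en"',
    '10.0.0.8 "GET /index.php" 200 cookie="lang=en"',
]
```

Running `list(scan_log(SAMPLE_LOG))` reports the second and third lines; the first is a well-formed id and the fourth carries no PHPSESSID at all.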
Configuration
Example
Example configuration:
Reference
skip
Type : boolean
Skip the test if true.