This is a summary of the AI-generated 10-question deep analysis. The full version (longer answers, follow-up Q&A, related CVEs) requires login. Read the full analysis β
Q1What is this vulnerability? (Essence + Consequences)
π¨ **Essence**: ThinkPHP Framework < 6.0.14 has a **Path Traversal/LFI** flaw.β¦
π **Threshold**: **Low/Medium**. β **Auth**: Unauthenticated. π **Config**: Requires `lang_switch_on=true` to be enabled in the application config. π **Network**: Remote exploitation possible. π
Q6Is there a public Exp? (PoC/Wild Exploitation)
π₯ **Exploit**: **Yes**. π **PoC**: Public Nuclei template available on GitHub. π **Status**: Known technique (using `pearcmd.php`) demonstrated.β¦
π **Check 1**: Verify ThinkPHP version (< 6.0.14). π **Check 2**: Look for `lang_switch_on=true` in config. π§ͺ **Scan**: Use Nuclei template `CVE-2022-47945.yaml`. π οΈ **Tool**: ProjectDiscovery Nuclei. π‘
Q8Is it fixed officially? (Patch/Mitigation)
β **Fixed**: Yes. π¦ **Patch**: Upgrade to **ThinkPHP 6.0.14** or later. π **Commit**: See official GitHub commit `c4acb8b`. π **Action**: Immediate update recommended. π‘οΈ
Q9What if no patch? (Workaround)
π« **Workaround**: Disable language switching by setting `lang_switch_on=false` in config. 𧱠**Mitigation**: Block external access to `lang` parameter if possible. π **Note**: Not a permanent fix; patching is superior. β³
Q10Is it urgent? (Priority Suggestion)
π¨ **Priority**: **CRITICAL**. π΄ **Urgency**: High. β‘ **Reason**: Unauthenticated RCE with public PoC. π **Action**: Patch immediately to prevent server compromise. π