Intrusion Prevention

ThinkPHP.HTTP.VARS.S.Remote.Code.Injection

Description

This indicates an attack attempt to exploit a Remote Code Injection Vulnerability in ThinkPHP.
The vulnerability is due to an error in the vulnerable application when handling a maliciously crafted HTTP request. A remote attacker can exploit this vulnerability by sending a crafted HTTP. Successful exploitation could result in arbitrary code execution in the context of the server application.

Affected Products

ThinkPHP between version 5.0.0 and version 5.0.23

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor:
http://www.thinkphp.cn/down.html