Actively exploited vulnerability

CVE-2018-20062: ThinkPHP "noneCms" Remote Code Execution Vulnerability

ThinkPHP "noneCms" contains an unspecified vulnerability that allows for remote code execution through crafted use of the filter parameter.

CISA KEV source 3 Nov 2021 added 3 May 2022 remediation due

Affected product

ThinkPHP · noneCms

Known ransomware use: Unknown

Required action

Follow the source advisory and validate exposure in your environment.

Apply updates per vendor instructions.

Related Yasna coverage

Recent reporting that mentions CVE-2018-20062.