Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
HTTP:PHP:CVE-2018-15133-RCE |
|---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
PHP Laravel Framework token Unserialize Remote Command Execution |
Release Date |
2019/08/19 |
Update Number |
3200 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
HTTP: PHP Laravel Framework token Unserialize Remote Command Execution
This signature detects attempts to exploit a known vulnerability against PHP Laravel framework. A successful attack can lead to arbitrary code execution.
Extended Description
In Laravel Framework through 5.5.40 and 5.6.x through 5.6.29, remote code execution might occur as a result of an unserialize call on a potentially untrusted X-XSRF-TOKEN value. This involves the decrypt method in Illuminate/Encryption/Encrypter.php and PendingBroadcast in gadgetchains/Laravel/RCE/3/chain.php in phpggc. The attacker must know the application key, which normally would never occur, but could happen if the attacker previously had privileged access or successfully accomplished a previous attack.
Affected Products
- Laravel laravel 5.5.40
- Laravel laravel 5.6.0
- Laravel laravel 5.6.1
- Laravel laravel 5.6.10
- Laravel laravel 5.6.11
- Laravel laravel 5.6.12
- Laravel laravel 5.6.13
- Laravel laravel 5.6.14
- Laravel laravel 5.6.15
- Laravel laravel 5.6.16
- Laravel laravel 5.6.17
- Laravel laravel 5.6.18
- Laravel laravel 5.6.19
- Laravel laravel 5.6.2
- Laravel laravel 5.6.20
- Laravel laravel 5.6.21
- Laravel laravel 5.6.22
- Laravel laravel 5.6.23
- Laravel laravel 5.6.24
- Laravel laravel 5.6.25
- Laravel laravel 5.6.26
- Laravel laravel 5.6.27
- Laravel laravel 5.6.28
- Laravel laravel 5.6.29
- Laravel laravel 5.6.3
- Laravel laravel 5.6.4
- Laravel laravel 5.6.5
- Laravel laravel 5.6.6
- Laravel laravel 5.6.7
- Laravel laravel 5.6.8
- Laravel laravel 5.6.9
References