Chinese threat actor exploits old ThinkPHP flaws since October 2023

Akamai observed a Chinese-speaking group exploiting two flaws, tracked as CVE-2018-20062 and CVE-2019-9082, in ThinkPHP applications. Akamai researchers observed a Chinese threat actor exploiting two old remote code execution vulnerabilities, tracked as CVE-2018-20062 and CVE-2019-9082, in ThinkPHP. The campaign seems to have been active since at least October 2023, it initially targeted a limited number of customers/organizations […]

This article has been indexed from Security Affairs

Read the original article: