Hackers exploit 2018 ThinkPHP flaws to install ‘Dama’ web shells

June 6, 2024 at 05:31PM Chinese threat actors are targeting vulnerable ThinkPHP applications, exploiting old flaws CVE-2018-20062 and CVE-2019-9082 to install a persistent web shell named Dama. The web shell allows further exploitation of breached endpoints, giving the attackers remote control, network scanning, and database access. Organizations are advised to update to ThinkPHP version 8.0 … Read more

Chinese Hackers Exploit Old ThinkPHP Vulnerabilities in New Attacks

June 6, 2024 at 01:33PM Two remote code execution (RCE) vulnerabilities in ThinkPHP, CVE-2018-20062 and CVE-2019-9082, patched over five years ago, are being exploited in ongoing attacks. Chinese-speaking threat actors use the web shell “Dama” to compromise servers, bypass PHP functions, and escalate privileges. Organizations are urged to urgently patch, as attackers target unpatched systems. … Read more