virus logo Intrusion Prevention

Laravel.Framework.token.Unserialize.Remote.Command.Execution

description-logoDescription

This indicates an attack attempt to exploit a Remote Code Execution vulnerability in Laravel Framework.
The vulnerability is due to an error in the vulnerable application when handling a maliciously crafted request. An authenticated remote attacker may be able exploit this to execute arbitrary code within the context of the application via crafted requests.

description-logoOutbreak Alert

FortiGuard Labs continue to observe widespread activity of Androxgh0st Malware in the wild exploiting multiple vulnerabilities, specifically targeting- the PHPUnit (CVE-2017-9841), Laravel Framework (CVE-2018-15133) and Apache Web Server (CVE-2021-41773) to spread and conduct information gathering attacks on the target networks

View the full Outbreak Alert Report

affected-products-logoAffected Products

Laravel Framework version 5.5.40 and prior
Laravel Framework from version 5.6.0 to 5.6.29

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://laravel.com/docs/5.6/upgrade#upgrade-5.6.30

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2024-02-13 26.732 Sig Added
2019-09-13 14.687 Default_action:pass:drop
2019-09-04 14.681

References

https://laravel.com/docs/5.6/upgrade#upgrade-5.6.30
ID 48188
Created Sep 10, 2019
Updated Feb 13, 2024
Outbreak Alert Androxgh0st Malware
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
CVE ID CVE-2018-15133
Known Exploited Yes
Exploit Prediction Score 64.96%
Default Action drop
Active
Affected OS Windows, Linux, BSD, Solaris, MacOS
Affected App PHP_app