On October 25, 2017, the Alibaba Cloud security intelligence center detected an arbitrary code execution vulnerability in the domestic blog software Typecho caused by deserialization. Attackers can exploit this vulnerability to run code without restriction and obtain a webshell. This poses a high security risk.
Typecho is a PHP-based, simple, and lightweight blogging program that can use various databases such as MySQL, PostgreSQL, and SQLite to store data. Typecho is released under the GPL Version 2 license. It is an open source program that currently uses SVN for version management.
See the following for more information about the vulnerability.
Unrestricted getshell vulnerability on the Typecho front end
Attackers can use the install.php page to remotely craft malicious request packets and run arbitrary code, posing serious security risks to the business.
Conditions and method of exploitation
The vulnerability can be exploited remotely with a PoC.
Affected versions: Typecho < 0.9
Check whether an affected version of Typecho is deployed and whether the install directory still exists.
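The check described above, as an added shell example that is not part of this advisory or of Typecho itself. It assumes Typecho stores its version string in var/Typecho/Common.php as `const VERSION = '<major.minor>/<date>';` and reports an install as exposed when the version is below the 0.9 threshold given here and install.php is still present; the sample tree it builds is constructed for the run.

```shell
#!/bin/sh
# Added example, not Typecho's own code. Assumed layout: the version constant
# lives in var/Typecho/Common.php as  const VERSION = '1.1/17.10.30';

# Print the Typecho version string found under the given install root.
typecho_version() {
    sed -n "s/.*const VERSION = '\([^']*\)'.*/\1/p" "$1/var/Typecho/Common.php" 2>/dev/null | head -n 1
}

# Return 0 if the major.minor part of the version is below 0.9 (the range on this page).
version_affected() {
    major=$(printf '%s' "$1" | cut -d/ -f1 | cut -d. -f1)
    minor=$(printf '%s' "$1" | cut -d/ -f1 | cut -d. -f2)
    [ "${major:-0}" -eq 0 ] && [ "${minor:-0}" -lt 9 ]
}

# Return 0 (exposed) only when an affected version is deployed together with a
# reachable install.php; 1 when either condition is absent; 2 if no Typecho tree is found.
typecho_exposed() {
    root=$1
    ver=$(typecho_version "$root")
    [ -n "$ver" ] || return 2
    version_affected "$ver" || return 1
    [ -f "$root/install.php" ] || return 1
    return 0
}

# Build a constructed sample tree (not a real install): $1 = version, $2 = "with-install" or "none".
make_sample() {
    d=$(mktemp -d)
    mkdir -p "$d/var/Typecho"
    printf "<?php\nclass Typecho_Common { const VERSION = '%s'; }\n" "$1" > "$d/var/Typecho/Common.php"
    [ "$2" = "with-install" ] && : > "$d/install.php"
    printf '%s' "$d"
}
```

Run `typecho_exposed /path/to/typecho` against a real web root; an exit status of 0 means the affected version and install.php are both present.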
How to fix or mitigate
Workaround: Delete the
Synchronize with the official branch promptly and update the code to the latest version.
Upgrade Typecho to version 1.1 or a later version released on the official website.