CVE advisoryCRITICAL
CVE-2024-44902
ThinkPHP Deserialization Vulnerability Allows Remote Code Execution.
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
A deserialization vulnerability in ThinkPHP allows for arbitrary code execution when reachable. This could affect the integrity and availability of an application. It is important to determine if ThinkPHP is deployed and exposed within your environment.