216.73.217.22

CVE-2018-15133

· Published 16/01/2024 01:00 · Modified 21/12/2025 02:46 · Author: Cybersecurity and Infrastructure Security Agency

Labels: CVE-2018-15133

Essential information

Published
16/01/2024 01:00
Modified
21/12/2025 02:46
Author
Cybersecurity and Infrastructure Security Agency
Creator
Cybersecurity and Infrastructure Security Agency
CISA KEV
Yes
CWE

Description

Laravel Framework contains a deserialization of untrusted data vulnerability, allowing for remote command execution. This vulnerability may only be exploited if a malicious user has accessed the application encryption key (APP_KEY environment variable).

NVD status

NVD
View on NVD

Related entities

Attack reports, intrusion sets, malwares, attack patterns and indicators linked to this vulnerability.

Attack reports (2)