← back
CVE-2017-16894

CVE-2017-16894

EPSS 87.0%
In Laravel framework through 5.5.21, remote attackers can obtain sensitive information (such as externally usable passwords) via a direct request for the /.env URI. NOTE: this CVE is only about Laravel framework's writeNewEnvironmentFileWith function in src/Illuminate/Foundation/Console/KeyGenerateCommand.php, which uses file_put_contents without restricting the .env permissions. The .env filename is not used exclusively by Laravel framework.
Affected products
n/a · n/a
public PoCs found2
cve_referencepacketstormsecurity.com/files/153641/PHP-Laravel-Framework-Token-Unserialize-Remote-Command-Execution.htmlunverifiedexploitdbwww.exploit-db.com/exploits/47129unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://packetstormsecurity.com/files/153641/PHP-Laravel-Framework-Token-Unserialize-Remote-Command-Execution.htmlhttps://twitter.com/finnwea/status/967709791442341888http://whiteboyz.xyz/laravel-env-file-vuln.html