CVE-2018-7600

critical

Description

Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.

References

https://www.cisa.gov/news-events/cybersecurity-advisories/aa21-209a

https://www.tenable.com/blog/sea-turtle-dns-hijacking-campaign-utilizes-at-least-seven-patched-vulnerabilities

https://www.cisa.gov/news-events/cybersecurity-advisories/aa20-133a

https://www.tenable.com/blog/critical-drupal-core-vulnerability-what-you-need-to-know

https://www.synology.com/support/security/Synology_SA_18_17

https://www.exploit-db.com/exploits/44482/

https://www.exploit-db.com/exploits/44449/

https://www.exploit-db.com/exploits/44448/

https://www.drupal.org/sa-core-2018-002

https://www.debian.org/security/2018/dsa-4156

https://twitter.com/arancaytar/status/979090719003627521

https://twitter.com/RicterZ/status/984495201354854401

https://twitter.com/RicterZ/status/979567469726613504

https://research.checkpoint.com/uncovering-drupalgeddon-2/

https://lists.debian.org/debian-lts-announce/2018/03/msg00028.html

https://groups.drupal.org/security/faq-2018-002

https://greysec.net/showthread.php?tid=2912&pid=10561

https://github.com/g0rx/CVE-2018-7600-Drupal-RCE

https://github.com/a2u/CVE-2018-7600

https://blog.appsecco.com/remote-code-execution-with-drupal-core-sa-core-2018-002-95e6ecc0c714

https://badpackets.net/over-100000-drupal-websites-vulnerable-to-drupalgeddon-2-cve-2018-7600/

http://www.securitytracker.com/id/1040598

http://www.securityfocus.com/bid/103534

Details

Source: Mitre, NVD

Published: 2018-03-29

Updated: 2019-03-01

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical