Security News > 2018 > April > Drupal Sites Targeted With Backdoors, Miners in Drupalgeddon2 Attacks

Drupal Sites Targeted With Backdoors, Miners in Drupalgeddon2 Attacks
2018-04-18 05:27

The recently patched Drupal vulnerability tracked as CVE-2018-7600 and dubbed Drupalgeddon2 has been exploited in the wild to deliver backdoors, cryptocurrency miners and other types of malware. read more


News URL

http://feedproxy.google.com/~r/Securityweek/~3/4nHrMq2P30s/drupal-sites-targeted-backdoors-miners-drupalgeddon2-attacks

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2018-03-29 CVE-2018-7600 Improper Input Validation vulnerability in multiple products
Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.
network
low complexity
drupal debian CWE-20
7.5

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Drupal 135 209 504 90 16 819