Hackers Exploiting Drupal Vulnerability to Inject Cryptocurrency Miners

2018-04-18 10:03

The Drupal vulnerability (CVE-2018-7600), dubbed Drupalgeddon2 that could allow attackers to completely take over vulnerable websites has now been exploited in the wild to deliver malware backdoors and cryptocurrency miners. Drupalgeddon2, a highly critical remote code execution vulnerability discovered two weeks ago in Drupal content management system software, was recently patched by the

News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/MD2BV_vaXf8/drupal-cryptocurrency-hacking.html

#cryptocurrency #drupal #hacker #vulnerability #CVE-2018-7600

Related Vulnerability

DATE	CVE	VULNERABILITY TITLE	RISK
2018-03-29	CVE-2018-7600	Improper Input Validation vulnerability in multiple products Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations. network low complexity drupal debian CWE-20	7.5

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Drupal		135	209	504	90	16	819

News URL

Related news

Related Vulnerability

Related vendor