Security News > 2018 > April > Release of PoC Exploit for New Drupal Flaw Once Again Puts Sites Under Attack

Release of PoC Exploit for New Drupal Flaw Once Again Puts Sites Under Attack
2018-04-26 12:48

Only a few hours after the Drupal team releases latest updates to fix a new remote code execution flaw in its content management system software, hackers have already started exploiting the vulnerability in the wild. Announced yesterday, the newly discovered vulnerability (CVE-2018-7602) affects Drupal 7 and 8 core and allows remote attackers to achieve exactly same what previously discovered


News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/wJPpbntTGZo/drupalgeddon3-exploit-code.html

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2018-07-19 CVE-2018-7602 A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x.
network
low complexity
drupal debian
critical
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Drupal 15 0 66 45 14 125