Security News > 2018 > April > Release of PoC Exploit for New Drupal Flaw Once Again Puts Sites Under Attack
2018-04-26 12:48
Only a few hours after the Drupal team releases latest updates to fix a new remote code execution flaw in its content management system software, hackers have already started exploiting the vulnerability in the wild. Announced yesterday, the newly discovered vulnerability (CVE-2018-7602) affects Drupal 7 and 8 core and allows remote attackers to achieve exactly same what previously discovered
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/wJPpbntTGZo/drupalgeddon3-exploit-code.html
Related news
- PoC exploit for critical Fortra FileCatalyst MFT vulnerability released (CVE-2024-25153) (source)
- Exploit released for Fortinet RCE bug used in attacks, patch now (source)
- Exploit released for Palo Alto PAN-OS bug used in attacks, patch now (source)
- Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-19 | CVE-2018-7602 | A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. | 9.8 |