Security News > 2019 > February > Drupal RCE Flaw Exploited in Attacks Days After Patch

Drupal RCE Flaw Exploited in Attacks Days After Patch

2019-02-26 08:00

A vulnerability patched recently in the Drupal content management system (CMS) has been exploited in the wild to deliver cryptocurrency miners and other payloads. The attacks started just three days after a fix was released. read more

News URL

http://feedproxy.google.com/~r/Securityweek/~3/gZs_oytaJBw/drupal-rce-flaw-exploited-attacks-days-after-patch

#attack #drupal #patch #RCE

Related news

Hackers exploit critical Aviatrix Controller RCE flaw in attacks (source)
CISA orders agencies to patch BeyondTrust bug exploited in attacks (source)
Critical SimpleHelp Flaws Allow File Theft, Privilege Escalation, and RCE Attacks (source)
Patch Tuesday: January 2025 Security Update Patches Exploited Elevation of Privilege Attacks (source)
SonicWall warns of SMA1000 RCE flaw exploited in zero-day attacks (source)
Zyxel CPE devices under attack via critical vulnerability without a patch (CVE-2024-40891) (source)
CISA orders agencies to patch Linux kernel bug exploited in attacks (source)
Critical RCE bug in Microsoft Outlook now exploited in attacks (source)
SonicWall firewalls now under attack: Patch ASAP or risk intrusion via your SSL VPN (source)
New OpenSSH Flaws Enable Man-in-the-Middle and DoS Attacks — Patch Now (source)

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Drupal		15	0	66	45	14	125

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.