Security News > 2019 > February > Drupal RCE Flaw Exploited in Attacks Days After Patch

Drupal RCE Flaw Exploited in Attacks Days After Patch

2019-02-26 08:00

A vulnerability patched recently in the Drupal content management system (CMS) has been exploited in the wild to deliver cryptocurrency miners and other payloads. The attacks started just three days after a fix was released. read more

News URL

http://feedproxy.google.com/~r/Securityweek/~3/gZs_oytaJBw/drupal-rce-flaw-exploited-attacks-days-after-patch

#attack #drupal #patch #RCE

Related news

Exploit released for critical WhatsUp Gold RCE flaw, patch now (source)
Veeam Issues Patch for Critical RCE Vulnerability in Service Provider Console (source)
New Cleo zero-day RCE flaw exploited in data theft attacks (source)
Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks (source)
Hackers exploit critical Aviatrix Controller RCE flaw in attacks (source)
CISA orders agencies to patch BeyondTrust bug exploited in attacks (source)
Critical SimpleHelp Flaws Allow File Theft, Privilege Escalation, and RCE Attacks (source)
Patch Tuesday: January 2025 Security Update Patches Exploited Elevation of Privilege Attacks (source)

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Drupal		15	0	66	45	14	125

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.