Posts

Vulnerability: CVE-2018-7600 – Drupal core – Remote Code Execution

A vulnerability has been discovered that could allow criminals to execute code remotely on websites that are running Drupal. Drupal is a Content Management System (CMS) that is used by more than 1 million websites worldwide. According to W3techs.com, Drupal is third most popular CMS, only behind Joomla and WordPress.

The discovered vulnerability can be exploited by an input validation issue that allows unsanitized data to enter Drupal’s data space. Drupal warns that an unprivileged and untrusted attacker could compromise the site and modify or delete data hosted on affected CMS platforms.

Due to the high criticality of the vulnerability, Drupal informed website administrators a week prior that important fixes would be coming soon.The idea was to attempt to stay ahead of potential attackers who could quickly develop code that would exploit Drupal websites once made aware of the vulnerability.

Drupal has since released updates to patch the vulnerability and recommends users who have deployed the Content-Management Framework to immediately update to versions 7.58 or 8.5.1. Although Drupal versions 8.3.x and 8.4.x are no longer supported, Drupal has released an out-of-band patch that would fix the highly critical security issue in updates 8.3.9 and 8.4.6.

Proficio Threat Intelligence Recommendations:

  • Immediately update Drupal to versions 7.58 or 8.5.1

General Info – Click Here

Drupals FAQ surrounding CVE-2018-7600 – Click Here