A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being compromised. This vulnerability is related to Drupal core - Highly critical - Remote Code Execution - SA-CORE-2018-002. Both SA-CORE-2018-002 and this vulnerability are being exploited in the wild. Updated — this vulnerability is being exploited in the wild.

CPENameOperatorVersion
drupallt7.59
drupallt8.5.3
drupallt8.4.8

Name	Operator	Version
drupal	lt	7.59
drupal	lt	8.5.3
drupal	lt	8.4.8

References

git.drupalcode.org/project/drupal/commit/080daa38f265ea28444c540832509a48861587d0.diff

git.drupalcode.org/project/drupal/commit/bb6d396609600d1169da29456ba3db59abae4b7e.diff

www.drupal.org/core/release-cycle-overview

www.drupal.org/project/drupal/releases/7.59

www.drupal.org/project/drupal/releases/8.4.8

www.drupal.org/project/drupal/releases/8.5.3

www.drupal.org/psa-2018-002

www.drupal.org/sa-core-2018-002

www.drupal.org/user/102818

www.drupal.org/user/124982

www.drupal.org/user/157725

www.drupal.org/user/17943

www.drupal.org/user/2301194

www.drupal.org/user/241634

www.drupal.org/user/2582268

www.drupal.org/user/3064

www.drupal.org/user/35821

www.drupal.org/user/395439

www.drupal.org/user/421070

www.drupal.org/user/49851

www.drupal.org/user/521118

www.drupal.org/user/65776

www.drupal.org/user/99340

fedora 14

seebug 1

osv 4

prion 1

nessus 9

attackerkb 1

archlinux 1

checkpoint_advisories 1

threatpost 1

exploitpack 2

openvas 17

dsquare 1

debiancve 1

debian 3

f5 1

ibm 1

zdt 2

cve 1

ubuntucve 1

packetstorm 2

cisa_kev 1

alpinelinux 1

nuclei 1

exploitdb 2

malwarebytes 1

impervablog 1

veracode 1

thn 2

ubuntu 1

fireeye 1

kitploit 1

fedora

[SECURITY] Fedora 28 Update: drupal7-7.59-1.fc28

2018-05-05 20:37:11

[SECURITY] Fedora 28 Update: drupal7-7.60-2.fc28

2018-12-03 01:39:08

[SECURITY] Fedora 28 Update: drupal7-7.64-1.fc28

2019-03-06 15:28:58

seebug

Drupal core Remote Code Execution(CVE-2018-7602)

2018-04-26 00:00:00

osv

drupal7 - security update

2018-04-26 00:00:00

CVE-2018-7602

2018-07-19 17:29:00

drupal7 - security update

2018-04-25 00:00:00

prion

Remote code execution

2018-07-19 17:29:00

nessus

Fedora 26 : drupal7 (2018-2359c2ae0e) (Drupalgeddon 2)

2018-05-11 00:00:00

Fedora 28 : drupal7 (2018-43c64deada) (Drupalgeddon 2)

2019-01-03 00:00:00

Debian DLA-1365-1 : drupal7 security update (Drupalgeddon 2)

2018-04-27 00:00:00

attackerkb

Drupal core - Highly critical - Remote Code Execution - SA-CORE-2018-004

2018-07-19 00:00:00

archlinux

[ASA-201804-10] drupal: arbitrary command execution

2018-04-27 00:00:00

checkpoint_advisories

Drupal Core Remote Code Execution (CVE-2018-7602)

2018-04-26 00:00:00

threatpost

Ransomware Attack Hits Ukrainian Energy Ministry, Exploiting Drupalgeddon2

2018-04-24 18:34:37

exploitpack

Drupal 7.58 - Drupalgeddon3 (Authenticated) Remote Code Execution (PoC)

2018-04-25 00:00:00

Drupal 7.58 - Drupalgeddon3 (Authenticated) Remote Code (Metasploit)

2018-04-30 00:00:00

openvas

Debian LTS: Security Advisory for drupal7 (DLA-1365-1)

2018-04-27 00:00:00

Debian Security Advisory DSA 4180-1 (drupal7 - security update)

2018-04-25 00:00:00

Fedora Update for drupal7 FEDORA-2018-18023f40fa

2018-12-04 00:00:00

dsquare

Drupal 7 SA-CORE-2018-004 RCE

2018-05-08 00:00:00

debiancve

CVE-2018-7602

2018-07-19 17:29:00

debian

[SECURITY] [DSA 4180-1] drupal7 security update

2018-04-25 20:13:52

[SECURITY] [DSA 4180-1] drupal7 security update

2018-04-25 20:13:52

[SECURITY] [DLA 1365-1] drupal7 security update

2018-04-26 09:28:04

K59591931 : Drupal vulnerability CVE-2018-7602

2018-04-30 00:00:00

ibm

Security Bulletin: API Connect Developer Portal is affected by a Drupal vulnerability (CVE-2018-7602)

2018-06-15 07:09:14

zdt

Drupal < 7.58 - drupalgeddon3 Authenticated Remote Code Execution (PoC) Exploit

2018-04-26 00:00:00

Drupal < 7.58 - Drupalgeddon3 Authenticated Remote Code Exploit

2018-05-01 00:00:00

cve

CVE-2018-7602

2018-07-19 17:29:00

ubuntucve

CVE-2018-7602

2018-07-19 00:00:00

packetstorm

Drupal drupgeddon3 Remote Code Execution

2018-04-26 00:00:00

Drupalgeddon3 Remote Code Execution

2018-04-30 00:00:00

cisa_kev

Drupal Core Remote Code Execution Vulnerability

2022-04-13 00:00:00

alpinelinux

CVE-2018-7602

2018-07-19 17:29:00

nuclei

Drupal - Remote Code Execution

2022-02-04 19:09:58

exploitdb

Drupal < 7.58 - 'Drupalgeddon3' (Authenticated) Remote Code (Metasploit)

2018-04-30 00:00:00

Drupal < 7.58 - 'Drupalgeddon3' (Authenticated) Remote Code Execution (PoC)

2018-04-25 00:00:00

malwarebytes

A look into Drupalgeddon’s client-side attacks

2018-05-18 15:00:00

impervablog

The State of Web Application Vulnerabilities in 2018

2019-01-09 14:00:26

veracode

Remote Code Execution (RCE)

2018-04-26 10:18:46

thn

Release of PoC Exploit for New Drupal Flaw Once Again Puts Sites Under Attack

2018-04-26 12:32:00

Third Critical Drupal Flaw Discovered—Patch Your Sites Immediately

2018-04-25 16:41:00

ubuntu

Drupal vulnerabilities

2021-03-15 00:00:00

fireeye

Think Fast: Time Between Disclosure, Patch Release and Vulnerability Exploitation — Intelligence for Vulnerability Management, Part Two

2020-04-13 00:00:00

kitploit

Vulmap - Web Vulnerability Scanning And Verification Tools

2020-12-25 11:30:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.975 High

EPSS

Percentile

99.9%

JSON

Related for DRUPAL-SA-CORE-2018-004