CVE-2018-7600
CRITICAL 9.8 | ⚠ KEV | EPSS 94.5% | drupal7 - security update
Published: 3/28/2018 | Modified: 3/9/2026 | Added to CISA KEV: 11/3/2021
Description
Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.
Affected packages (5)
- Debian/drupal7: from 0, < 7.14-2+deb7u18
- Debian/drupal7: from 0, < 7.32-1+deb8u11
- Packagist/drupal/core: >= 8.0.0, < 8.3.9 | >= 8.4.0, < 8.4.6 | >= 8.5.0, < 8.5.1
- Packagist/drupal/core: >= 7.0, < 7.58
- Packagist/drupal/drupal: >= 7.0, < 7.58
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | CRITICAL 9.8 | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H |
References (25)
- ADVISORY: https://nvd.nist.gov/vuln/detail/CVE-2018-7600
- PATCH: https://github.com/drupal/core
- WEB: https://badpackets.net/over-100000-drupal-websites-vulnerable-to-drupalgeddon-2-cve-2018-7600
- WEB: https://blog.appsecco.com/remote-code-execution-with-drupal-core-sa-core-2018-002-95e6ecc0c714
- WEB: https://github.com/a2u/CVE-2018-7600
- WEB: https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2018-7600.yaml
- WEB: https://github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2018-7600.yaml
- WEB: https://github.com/g0rx/CVE-2018-7600-Drupal-RCE
- WEB: https://greysec.net/showthread.php?tid=2912&pid=10561
- WEB: https://groups.drupal.org/security/faq-2018-002
- WEB: https://lists.debian.org/debian-lts-announce/2018/03/msg00028.html
- WEB: https://research.checkpoint.com/uncovering-drupalgeddon-2
- WEB: https://twitter.com/arancaytar/status/979090719003627521
- WEB: https://twitter.com/RicterZ/status/979567469726613504
- WEB: https://twitter.com/RicterZ/status/984495201354854401
- WEB: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-7600
- WEB: https://www.debian.org/security/2018/dsa-4156
- WEB: https://www.drupal.org/sa-core-2018-002
- WEB: https://www.exploit-db.com/exploits/44448
- WEB: https://www.exploit-db.com/exploits/44449
- WEB: https://www.exploit-db.com/exploits/44482
- WEB: https://www.synology.com/support/security/Synology_SA_18_17
- WEB: https://www.tenable.com/blog/critical-drupal-core-vulnerability-what-you-need-to-know
- WEB: http://www.securityfocus.com/bid/103534
- WEB: http://www.securitytracker.com/id/1040598