Release of PoC Exploit for New Drupal Flaw Once Again Puts Sites Under Attack

26 April 2018

Only a few hours after the Drupal team releases latest updates to fix a new remote code execution flaw in its content management system software, hackers have already started exploiting the vulnerability in the wild. Announced yesterday, the newly discovered vulnerability (CVE-2018-7602) affects Drupal 7 and 8 core and allows remote attackers to achieve exactly same what previously discovered Drupalgeddon2 (CVE-2018-7600) flaw allowed—complete take over of affected websites.

Read full news article on The Hacker News

Date:

26 April 2018

Categorie(s):

NEWS

Tag(s):

Content-management Framework, Drupal, New, Open Source, Open Source Software, Web Development, Web Frameworks

Google launches 1B passkey authentications and new security updates2 May 2024
Three-Quarters of CISOs Admit App Security Incidents2 May 2024
New SOHO router malware aims for cloud accounts, internal company resources2 May 2024
Security Breach Exposes Dropbox Sign Users2 May 2024
Six common developer security fails that lead to cloud risks2 May 2024