Drupal 'Drupalgeddon2' Remote Code Execution
Impact: High
Description
An issue in multiple subsystems of Drupal allows remote attackers to execute arbitrary OS commands on the server.
Affeced versions:
- <7.58
- 8.x & <8.3.9
- 8.4.x & <8.4.6
- 8.5.x & <8.5.1
Recommendation
Upgrade the Drupal to the latest stable version.
References
👉 You might also like:
WordPress 4.6 Blind OS Command Execution - CVE-2016-10033
Apache Struts OGNL expression RCE S2-057 - CVE-2018-11776
The ShellShock Bug - CVE-2014-6271, CVE-2014-7169, CVE-2014-6277, CVE-2014-6278
WordPress Plugin Smart Google Code Inserter 3.5 SQLI - CVE-2018-3810
Last updated on April 04, 2021