CVE-2018-7600
CVE-2018-7600
In short
Drupal versions before 7.58, 8.3.9, 8.4.6, and 8.5.1 contain a critical vulnerability that allows attackers to run malicious code on affected websites. This happens because multiple core systems don't properly validate certain inputs when using default or common configurations.
Technical detail
A remote attacker can execute arbitrary code in vulnerable Drupal installations through improper input validation in multiple subsystems. The vulnerability affects default and commonly-used module configurations without requiring authentication. Successful exploitation leads to complete system compromise.
Summary generated and translated by AI from the official description.
Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1public PoCs found — 56
githubgithub.com/dreadlocked/Drupalgeddon2★ 599githubgithub.com/a2u/CVE-2018-7600★ 354githubgithub.com/pimps/CVE-2018-7600★ 141githubgithub.com/g0rx/CVE-2018-7600-Drupal-RCE★ 114githubgithub.com/firefart/CVE-2018-7600★ 72githubgithub.com/lorddemon/drupalgeddon2★ 11githubgithub.com/r3dxpl0it/CVE-2018-7600★ 9githubgithub.com/zhzyker/CVE-2018-7600-Drupal-POC-EXP★ 8githubgithub.com/rabbitmask/CVE-2018-7600-Drupal7★ 8githubgithub.com/dr-iman/CVE-2018-7600-Drupal-0day-RCE★ 7githubgithub.com/thehappydinoa/CVE-2018-7600★ 7githubgithub.com/jirojo2/drupalgeddon2★ 5githubgithub.com/shellord/CVE-2018-7600-Drupal-RCE★ 4githubgithub.com/sl4cky/CVE-2018-7600★ 4githubgithub.com/ludy-dev/drupal8-REST-RCE★ 4githubgithub.com/dwisiswant0/CVE-2018-7600★ 4githubgithub.com/sl4cky/CVE-2018-7600-Masschecker★ 3githubgithub.com/knqyf263/CVE-2018-7600★ 3githubgithub.com/Hestat/drupal-check★ 2githubgithub.com/ynsmroztas/drupalhunter★ 1githubgithub.com/Damian972/drupalgeddon-2★ 1githubgithub.com/drugeddon/drupal-exploit★ 1githubgithub.com/shellord/Drupalgeddon-Mass-Exploiter★ 1githubgithub.com/0xAJ2K/CVE-2018-7600★ 1githubgithub.com/muhammedkayag/CVE-2018-7600★ 1githubgithub.com/4l13n-DN/POC-CVE-2018-7600★ 1githubgithub.com/Meraj1312/cve-2018-7600-drupalgeddon2-lab★ 1githubgithub.com/soch4n/CVE-2018-7600★ 0githubgithub.com/erman-bolukbasi/web-penetration-drupal★ 0githubgithub.com/happynote3966/CVE-2018-7600★ 0githubgithub.com/cved-sources/cve-2018-7600★ 0githubgithub.com/madneal/codeql-scanner★ 0githubgithub.com/MoriartyPuth-Labs/DC1-Lab★ 0githubgithub.com/Dungsocool/CVE-2018-7600★ 0githubgithub.com/ruthvikvegunta/Drupalgeddon2★ 0githubgithub.com/nayem-m/drupalgeddon2-cli★ 0githubgithub.com/rafaelcaria/drupalgeddon2-CVE-2018-7600★ 0githubgithub.com/vphnguyen/ANM_CVE-2018-7600★ 0githubgithub.com/anldori/CVE-2018-7600★ 0githubgithub.com/r0lh/CVE-2018-7600★ 0githubgithub.com/raytran54/CVE-2018-7600★ 0githubgithub.com/tpdlshdmlrkfmcla/CVE-2018-7600.★ 0githubgithub.com/Dowonkwon/drupal-cve-2018-7600-poc★ 0githubgithub.com/M-Abid34/CVE-2018-7600★ 0githubgithub.com/rajaabdullahnasir/CVE-2018-7600-Remote-Code-Execution★ 0githubgithub.com/xxxTectationxxx/CVE-2018-7600★ 0githubgithub.com/SyedGhufranRaza/CVE-2018-7600-Remote-Code-Execution★ 0githubgithub.com/nika0x38/CVE-2018-7600★ 0githubgithub.com/tea-celikik/Drupal-Exploit-Lab★ 0githubgithub.com/bixiPRO/Drupalgeddon2-CVE-2018-7600★ 0cve_referencewww.exploit-db.com/exploits/44448/unverifiedexploitdbwww.exploit-db.com/exploits/44482unverifiedcve_referencewww.exploit-db.com/exploits/44449/unverifiedexploitdbwww.exploit-db.com/exploits/44449unverifiedcve_referencewww.exploit-db.com/exploits/44482/unverifiedexploitdbwww.exploit-db.com/exploits/44448unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://badpackets.net/over-100000-drupal-websites-vulnerable-to-drupalgeddon-2-cve-2018-7600/https://blog.appsecco.com/remote-code-execution-with-drupal-core-sa-core-2018-002-95e6ecc0c714https://github.com/a2u/CVE-2018-7600https://github.com/g0rx/CVE-2018-7600-Drupal-RCEhttps://greysec.net/showthread.php?tid=2912&pid=10561https://groups.drupal.org/security/faq-2018-002https://lists.debian.org/debian-lts-announce/2018/03/msg00028.htmlhttps://research.checkpoint.com/uncovering-drupalgeddon-2/https://twitter.com/arancaytar/status/979090719003627521https://twitter.com/RicterZ/status/979567469726613504https://twitter.com/RicterZ/status/984495201354854401https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-7600