PT-2018-18169 · Drupal+1 · Drupal+1

Blaklis

Publicado

2018-04-25

Atualizado

2025-08-27

CVE-2018-7602

CVSS v2.0

Crítica

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Drupal versions 7.x through 8.x

Description A remote code execution issue exists within multiple subsystems of Drupal. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being compromised. The issue is related to Drupal core and is being exploited in the wild.

Recommendations For versions 7.x and 8.x, update to a version that includes the fix for this issue to prevent exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

RCE

Code Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-94

Identificadores relacionados

BDU:2026-04575

CVE-2018-7602

DLA-1365-1

DRUPAL-CORE-2018-004

DSA-4180-1

GHSA-297X-J9PM-XJGG

USN-4773-1

Produtos afetados

Drupal

Ubuntu

PT-2018-18169 · Drupal+1 · Drupal+1

CVE-2018-7602

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 32