Drupal core - Highly critical - Remote Code Execution(Drupalgeddon2) Vulnerability
(too old to reply)
Antu Sanadi
2018-03-29 09:27:05 UTC
Hello All, Drupal has released patches for highly critical
vulnerability(SA-CORE-2018-002) for all supported and non-supported
versions of Drupal CMS and CVE identifier has assigned the
CVE-2018-7600. The vulnerability allows an attacker to execute arbitrary
code in the main component of the system and intercept control of the
site. The attacker does not need to register or authenticate to exploit
the vulnerability. Drupal has named this vulnerability as
"Drupalgeddon2".We have now created the NVTs to detect this
vulnerability(soonwill be update into feed), Please do scan with updated
feed to detect the vulnerability andstrongly recommended toapply
security patches as soon as possible to stay secure. Thanks, Antu Sanadi