CVE-2018-7600
CRITICAL | CISA KEV | 9.8
Description
Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.
CVE Details
CVSS v3.1 Score: 9.8
Severity: CRITICAL
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector: NETWORK
Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Published: 3/29/2018
Last Modified: 10/31/2025
Source: kev
Honeypot Sightings: 0
CISA KEV
Vendor: Drupal
Product: Drupal Core
Vulnerability Name: Drupal Core Remote Code Execution Vulnerability
KEV Date Added: 2021-11-03
Remediation Due Date: 2022-05-03
Ransomware Use: Known
Affected Products
debian:debian_linux
drupal:drupal
Weaknesses (CWE)
CWE-20
References
http://www.securityfocus.com/bid/103534 (mlhess@drupal.org)
http://www.securitytracker.com/id/1040598 (mlhess@drupal.org)
https://badpackets.net/over-100000-drupal-websites-vulnerable-to-drupalgeddon-2-cve-2018-7600/ (mlhess@drupal.org)
https://blog.appsecco.com/remote-code-execution-with-drupal-core-sa-core-2018-002-95e6ecc0c714 (mlhess@drupal.org)
https://github.com/a2u/CVE-2018-7600 (mlhess@drupal.org)
https://github.com/g0rx/CVE-2018-7600-Drupal-RCE (mlhess@drupal.org)
https://greysec.net/showthread.php?tid=2912&pid=10561 (mlhess@drupal.org)
https://groups.drupal.org/security/faq-2018-002 (mlhess@drupal.org)
https://lists.debian.org/debian-lts-announce/2018/03/msg00028.html (mlhess@drupal.org)
https://research.checkpoint.com/uncovering-drupalgeddon-2/ (mlhess@drupal.org)
https://twitter.com/RicterZ/status/979567469726613504 (mlhess@drupal.org)
https://twitter.com/RicterZ/status/984495201354854401 (mlhess@drupal.org)
https://twitter.com/arancaytar/status/979090719003627521 (mlhess@drupal.org)
https://www.debian.org/security/2018/dsa-4156 (mlhess@drupal.org)
https://www.drupal.org/sa-core-2018-002 (mlhess@drupal.org)
https://www.exploit-db.com/exploits/44448/ (mlhess@drupal.org)
https://www.exploit-db.com/exploits/44449/ (mlhess@drupal.org)
https://www.exploit-db.com/exploits/44482/ (mlhess@drupal.org)
https://www.synology.com/support/security/Synology_SA_18_17 (mlhess@drupal.org)
https://www.tenable.com/blog/critical-drupal-core-vulnerability-what-you-need-to-know (mlhess@drupal.org)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-7600 (134c704f-9b21-4f2e-91b3-4a467353bcc0)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.