Home > Cyber News > CVE-2018-7600 Critical Drupal Bug Puts Millions of Websites at Risk

CVE-2018-7600 Critical Drupal Bug Puts Millions of Websites at Risk

The popular CMS system Drupal has been found to contain a highly critical security vulnerability that affects Drupal versions 7 and 8. The flaw has been given the CVE-2018-7600 identifier.

Drupal developers are urging admins to patch their websites as soon as possible as unpatched sites are at high risk of remote code execution. More than one million websites may be affected by the flaw if their admins leave them vulnerable.

CVE-2018-7600 Should Be Patched Immediately

Here’s the official description of CVE-2018-7600:

A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being completely compromised.

The vulnerability is rated as highly critical, and could cause severe damage to a website. A vulnerable website can be hacked via remote code execution due to a missing input validation.

Related Story: “Cloudflare.solutions” Malware Found on Hundreds of WordPress Websites

Last week, Drupal started informing users that a highly critical release is going to be released in the upcoming days, urging admins to patch immediately. This announcement seemed rather unusual for the CMS platform, and developers were left highly concerned.

If you are running 7.x, upgrade to Drupal 7.58, and if you are running 8.5.x, upgrade to Drupal 8.5.1, Drupal said in their advisory.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:

Leave a Comment

Your email address will not be published. Required fields are marked *

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
I Agree