SUBJECT: CVE-2018-7602 Drupal Core Remote Code Execution Vulnerability
TECH STACK: Drupal 7.x and 8.x
DATE(S) ISSUED: 07/19/2018
CRITICALITY: CRITICAL
OVERVIEW:
CVE-2018-7602 is a vulnerability in Drupal, an open-source content management system (CMS) software. The vulnerability could allow an attacker to execute arbitrary code on a Drupal site, potentially allowing them to take complete control of the site and its associated data.
The vulnerability is caused by a flaw in the way that Drupal processes certain types of data, specifically form input. An attacker could exploit this flaw by creating a specially crafted form that, when submitted to a Drupal site, could execute arbitrary code on the server. The vulnerability affects Drupal versions 7.x and 8.x.
https://nvd.nist.gov/vuln/detail/CVE-2018-7602
THREAT INTELLIGENCE:
CISA has added CVE-2020-13671 to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerability. This vulnerability is a frequent attack vector for malicious cyber actors of all types and poses significant risk to the federal enterprise.
https://www.cisa.gov/known-exploited-vulnerabilities-catalog
NIST: NVD
Base Score: 9.8 CRITICAL
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
SOLUTION:
The patch for CVE-2018-7602 was released by Drupal on April 25, 2018. It is included in the latest versions of Drupal 7.x and 8.x. To apply the patch, you will need to upgrade your Drupal site to the latest version of the software.
You can download the latest version of Drupal from the Drupal website:
https://www.drupal.org/download
To install the software, follow the instructions provided on the website. It is important to apply the patch as soon as possible to protect your Drupal site from potential attacks. It is also recommended to regularly check for and install the latest security updates to ensure that your Drupal site is protected from the latest threats.
REFERENCES:
