Uncovering Drupalgeddon 2. Details about of the vulnerability (CVE-2018-7600) https://research.checkpoint.com/uncovering-drupalgeddon-2/ #web #drupal #rce #darw1n
Check Point Research
Uncovering Drupalgeddon 2 - Check Point Research
Research By: Eyal Shalev, Rotem Reiss and Eran Vaknin Abstract Two weeks ago, a highly critical (25/25 NIST rank) vulnerability, nicknamed Drupalgeddon 2 (SA-CORE-2018-002 / CVE-2018-7600), was disclosed by the Drupal security team. This vulnerability allowedβ¦
(CVE-2019-6340) Drupal < 8.6.10 / < 8.5.11 - REST Module Remote Code Execution https://www.ambionics.io/blog/drupal8-rce POC: https://gist.github.com/leonjza/d0ab053be9b06fa020b66f00358e3d88 #web #drupal #rce #poc
Ambionics
Exploiting Drupal8's REST RCE
Exploitation and mitigation bypasses for the new Drupal 8 RCE (SA-CORE-2019-003, CVE-2019-6340), targeting the REST module.