← ExploitWatch
HomeExploited Vulnerabilities

CVE-2018-7602 — Actively Exploited: Core (Drupal)

A remote code execution vulnerability exists within multiple subsystems of Drupal that can allow attackers to exploit multiple attack vectors on a Drupal site.

CVE IDCVE-2018-7602
VendorDrupal
ProductCore
Vulnerability nameDrupal Core Remote Code Execution Vulnerability
Date added2022-04-13
Remediation due2022-05-04
Known ransomware useKnown
Required actionApply updates per vendor instructions.
DescriptionA remote code execution vulnerability exists within multiple subsystems of Drupal that can allow attackers to exploit multiple attack vectors on a Drupal site.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →