Product update: Dynamic API Scanning, Recommendations & Classifications, and more
We know the importance of staying ahead of threats. At Detectify, we’re committed to providing you with the tools you need to secure your applications …
On March 28th, Drupal released a security update that fixes a critical remote code execution vulnerability nicknamed Drupalgeddon 2.0. Detectify scans your site for this vulnerability and will alert you if you are running a vulnerable version of Drupal.
The issue (CVE-2018-7600) is a remote code execution vulnerability that allows attackers to take over a Drupal site, accessing all non-public data as well as being able to modify or delete it. The vulnerability can be exploited by simply accessing a URL, which is why it has been assigned a high severity score.
Sites running Drupal versions 8, 7, and 6 (note that Drupal 6 is no longer supported) are all at risk. According to an FAQ post written by the Drupal security team, this adds up to over one million sites.
Immediately upgrade to the most recent version of Drupal core. If you are running 7.x, the latest release is 7.58, and if you are running 8.5.x, you should upgrade to 8.5.1.
The Drupal security team has confirmed that exploits for this vulnerability have been developed and that evidence of automated attack attempts emerged last week. This is why we recommend you to inspect your logs for signs of malicious activity.
If you are unable to install the latest version of Drupal straightaway, you can use the patches suggested in the security advisory to temporarily fix the vulnerability until you can upgrade your installation.
Drupal Public Service Announcement
Drupal Security Advisory
Drupalgeddon 2.0 FAQ
We know the importance of staying ahead of threats. At Detectify, we’re committed to providing you with the tools you need to secure your applications …
What if we told you that our newly released API Scanner has 922 quintillion payloads for a single type of vulnerability test? A quintillion is …