Introducing Dynamic API Scanning
Application environments are more complex than ever, with APIs forming the critical connective tissue. But this proliferation has created a vast, often invisible, attack surface. …
On March 28th, Drupal released a security update that fixes a critical remote code execution vulnerability nicknamed Drupalgeddon 2.0. Detectify scans your site for this vulnerability and will alert you if you are running a vulnerable version of Drupal.
The issue (CVE-2018-7600) is a remote code execution vulnerability that allows attackers to take over a Drupal site, accessing all non-public data as well as being able to modify or delete it. The vulnerability can be exploited by simply accessing a URL, which is why it has been assigned a high severity score.
Sites running Drupal versions 8, 7, and 6 (note that Drupal 6 is no longer supported) are all at risk. According to an FAQ post written by the Drupal security team, this adds up to over one million sites.
Immediately upgrade to the most recent version of Drupal core. If you are running 7.x, the latest release is 7.58, and if you are running 8.5.x, you should upgrade to 8.5.1.
The Drupal security team has confirmed that exploits for this vulnerability have been developed and that evidence of automated attack attempts emerged last week. This is why we recommend you to inspect your logs for signs of malicious activity.
If you are unable to install the latest version of Drupal straightaway, you can use the patches suggested in the security advisory to temporarily fix the vulnerability until you can upgrade your installation.
Drupal Public Service Announcement
Drupal Security Advisory
Drupalgeddon 2.0 FAQ
Application environments are more complex than ever, with APIs forming the critical connective tissue. But this proliferation has created a vast, often invisible, attack surface. …
The average organization is missing testing 9 out of 10 of their complex web apps that are attacker-attractive targets. To address this, we’re launching new …