Uncovering Drupalgeddon 2 - Check Point Research

6 years ago

source link: https://research.checkpoint.com/uncovering-drupalgeddon-2/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.

By Eyal Shalev, Rotem Reiss and Eran Vaknin Abstract Two weeks ago, a highly critical (21/25 NIST rank) vulnerability, nicknamed Drupalgeddon 2 (SA-CORE-2018-002 / CVE-2018-7600), was disclosed by the Drupal security team. This vulnerability allowed an unauthenticated attacker to perform remote code execution on default or common Drupal installations. Drupal is an open-source content management system …

Recommend

美团打车在上海整改：清理不合规车辆不得宣传低价
联通关闭2G网络或波及500万用户将赠流量协助迁转
传特斯拉将于明年11月生产Model Y：与Model 3同平台
等了521天后乐视大楼下只剩最后这8名人
人工智能激辩：如何使其落地？
一名“佛系”产品经理的成长之路
十年彩蛋一部被记录的中国移动互联网创业史
【美腿室友不是女友，关于我友人以上恋人未满的室友是混血美腿大小姐这件事】日本某综...
在日本，井盖是如何成为一门生意的
【早报】张一鸣道歉：产品出现了与社会主义核心价值观不符的内容

About Joyk

Aggregate valuable and interesting links.
Joyk means Joy of geeK