Uncovering Drupalgeddon 2
By Eyal Shalev, Rotem Reiss and Eran Vaknin Abstract Two weeks ago, a highly critical (25/25 NIST rank) vulnerability, nicknamed Drupalgeddon 2 (SA-CORE-2018-002 / CVE-2018-7600), was disclosed by the Drupal security team. This vulnerability allowed an unauthenticated attacker to perform remote code execution on default or common Drupal installations. Drupal is an open-source content management system […]
The post Uncovering Drupalgeddon 2 appeared first on Check Point Research.
You may also like
Hijacked Trust: How Malicious Actors Exploited Discord’s Invite System to Launch Global Multi-Stage Attacks
Attackers took advantage of a Discord feature that lets expired ...
Check Point Research Warns of Holiday-Themed Phishing Surge as Summer Travel Season Begins
Over 39,000 new vacation-related domains registered in May 2025, with ...
Inside Stealth Falcon’s Espionage Campaign Using a Microsoft Zero-Day
Inside Stealth Falcon’s Espionage Campaign Using a Microsoft Zero-Day Check ...
Cyber Risks Take Flight, Navigating the Evolving Threat Landscape in the Travel Industry
The global travel industry is flying high once again, but ...