Description
A vulnerability in multiple subsystems of Drupal allows remote attackers to execute arbitrary operating system commands on the server, leading to potential compromise of the affected system.
Recommendation
Mitigate the risk by upgrading Drupal to the latest stable version that includes patches for the vulnerability.
References
Related Issues
- Apache Struts OGNL expression RCE S2-057 - CVE-2018-11776
- HTTP Protocol Stack Remote Code Execution Vulnerability (DOS) - CVE-2021-31166
- WordPress 4.6 Blind OS Command Execution - CVE-2016-10033
- WordPress Plugin Smart Google Code Inserter 3.5 SQLI - CVE-2018-3810
- Tags:
- RCE
- Drupal
- Injection
Anything's wrong? Let us know Last updated on May 13, 2024