VYPR
Unrated severityNVD Advisory· Published Aug 28, 2012· Updated Jun 16, 2026

CVE-2012-1645

CVE-2012-1645

Description

The CDN module 6.x-2.2 and 7.x-2.2 for Drupal, when running in Origin Pull mode with the "Far Future expiration" option enabled, allows remote attackers to read arbitrary PHP files via unspecified vectors, as demonstrated by reading settings.php.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • Wimleers/CDN2 versions
    cpe:2.3:a:wimleers:cdn:6.x-2.2:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:wimleers:cdn:6.x-2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:wimleers:cdn:7.x-2.2:*:*:*:*:*:*:*
  • Drupal/CDNllm-create
    Range: 6.x-2.2, 7.x-2.2

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.