Critical severity · CISA KEV · NVD Advisory · Published Mar 29, 2018 · Updated Oct 21, 2025
CVE-2018-7600
Description
Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| drupal/core (Packagist) | >= 7.0, < 7.58 | 7.58 |
| drupal/core (Packagist) | >= 8.0, < 8.3.9 | 8.3.9 |
| drupal/core (Packagist) | >= 8.4.0, < 8.4.6 | 8.4.6 |
| drupal/core (Packagist) | >= 8.5.0, < 8.5.1 | 8.5.1 |
| drupal/drupal (Packagist) | >= 7.0, < 7.58 | 7.58 |
| drupal/drupal (Packagist) | >= 8.0, < 8.3.9 | 8.3.9 |
| drupal/drupal (Packagist) | >= 8.4, < 8.4.6 | 8.4.6 |
| drupal/drupal (Packagist) | >= 8.5, < 8.5.1 | 8.5.1 |
References (28)
- www.exploit-db.com/exploits/44448/ (mitre: exploit, x_refsource_EXPLOIT-DB)
- www.exploit-db.com/exploits/44449/ (mitre: exploit, x_refsource_EXPLOIT-DB)
- www.exploit-db.com/exploits/44482/ (mitre: exploit, x_refsource_EXPLOIT-DB)
- github.com/advisories/GHSA-7fh9-933g-885p (ghsa: ADVISORY)
- nvd.nist.gov/vuln/detail/CVE-2018-7600 (ghsa: ADVISORY)
- www.debian.org/security/2018/dsa-4156 (ghsa: vendor-advisory, x_refsource_DEBIAN, WEB)
- www.securityfocus.com/bid/103534 (ghsa: vdb-entry, x_refsource_BID, WEB)
- www.securitytracker.com/id/1040598 (ghsa: vdb-entry, x_refsource_SECTRACK, WEB)
- badpackets.net/over-100000-drupal-websites-vulnerable-to-drupalgeddon-2-cve-2018-7600 (ghsa: WEB)
- badpackets.net/over-100000-drupal-websites-vulnerable-to-drupalgeddon-2-cve-2018-7600/ (mitre: x_refsource_MISC)
- blog.appsecco.com/remote-code-execution-with-drupal-core-sa-core-2018-002-95e6ecc0c714 (ghsa: x_refsource_MISC, WEB)
- github.com/FriendsOfPHP/security-advisories/blob/master/drupal/core/CVE-2018-7600.yaml (ghsa: WEB)
- github.com/FriendsOfPHP/security-advisories/blob/master/drupal/drupal/CVE-2018-7600.yaml (ghsa: WEB)
- greysec.net/showthread.php (ghsa: x_refsource_MISC, WEB)
- groups.drupal.org/security/faq-2018-002 (ghsa: x_refsource_CONFIRM, WEB)
- lists.debian.org/debian-lts-announce/2018/03/msg00028.html (ghsa: mailing-list, x_refsource_MLIST, WEB)
- research.checkpoint.com/uncovering-drupalgeddon-2 (ghsa: WEB)
- research.checkpoint.com/uncovering-drupalgeddon-2/ (mitre: x_refsource_MISC)
- twitter.com/RicterZ/status/979567469726613504 (ghsa: x_refsource_MISC, WEB)
- twitter.com/RicterZ/status/984495201354854401 (ghsa: x_refsource_MISC, WEB)
- twitter.com/arancaytar/status/979090719003627521 (ghsa: x_refsource_MISC, WEB)
- www.cisa.gov/known-exploited-vulnerabilities-catalog (ghsa: WEB)
- www.drupal.org/sa-core-2018-002 (ghsa: x_refsource_CONFIRM, WEB)
- www.exploit-db.com/exploits/44448 (ghsa: WEB)
- www.exploit-db.com/exploits/44449 (ghsa: WEB)
- www.exploit-db.com/exploits/44482 (ghsa: WEB)
- www.synology.com/support/security/Synology_SA_18_17 (ghsa: x_refsource_CONFIRM, WEB)
- www.tenable.com/blog/critical-drupal-core-vulnerability-what-you-need-to-know (ghsa: x_refsource_MISC, WEB)