ET WEB_SPECIFIC_APPS [eSentire] Drupalgeddon2 <8.3.9 <8.4.6 <8.5.1 RCE Through Registration Form (CVE-2018-7600)

SID: 2025646Rev: 20 views
History
Sourceet/open
CreatedJuly 10, 2018
UpdatedAugust 25, 2020
Classificationattempted-admin
alert http any any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS [eSentire] Drupalgeddon2 <8.3.9 <8.4.6 <8.5.1 RCE Through Registration Form (CVE-2018-7600)"; flow:established,to_server; http.method; content:"GET"; http.uri; content:"user/password&name"; nocase; fast_pattern; content:"markup|5d 3d|"; nocase; distance:0; pcre:"/^\[(?:%(?:25)?23|#)\s*(?:access_callback|pre_render|post_render|lazy_builder)/Ri"; reference:cve,2018-7600; reference:url,research.checkpoint.com/uncovering-drupalgeddon-2; classtype:attempted-admin; sid:2025646; rev:2; metadata:affected_product Drupal_Server, attack_target Client_Endpoint, created_at 2018_07_10, deployment Perimeter, performance_impact Moderate, confidence High, signature_severity Major, tag CISA_KEV, updated_at 2020_08_25;)

References

cve2018-7600
urlresearch.checkpoint.com/uncovering-drupalgeddon-2

Metadata

affected productDrupal_Server
attack targetClient_Endpoint
created at2018_07_10
deploymentPerimeter
performance impactModerate
confidenceHigh
signature severityMajor
tagCISA_KEV
updated at2020_08_25

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!