CVE-2018-7602
CRITICALCISA KEVEPSS 100th pctlDescription
A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being compromised. This vulnerability is related to Drupal core - Highly critical - Remote Code Execution - SA-CORE-2018-002. Both SA-CORE-2018-002 and this vulnerability are being exploited in the wild.
CVSS v3 Vector
Exploitability
Impact
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploit Intelligence
Very high risk: more likely to be exploited than 100% of all known CVEs.
Drupal Core Remote Code Execution Vulnerability
A remote code execution vulnerability exists within multiple subsystems of Drupal that can allow attackers to exploit multiple attack vectors on a Drupal site.
Apply updates per vendor instructions.
Remediation due: 2022-05-04
Associated with ransomware campaigns
References
- http://www.securityfocus.com/bid/103985
- http://www.securitytracker.com/id/1040754
- https://lists.debian.org/debian-lts-announce/2018/04/msg00030.html
- https://www.debian.org/security/2018/dsa-4180
- https://www.drupal.org/sa-core-2018-004
- https://www.exploit-db.com/exploits/44542/
- https://www.exploit-db.com/exploits/44557/
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-7602
Find and fix vulnerabilities across your fleet
TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.
Start freeThis product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2025-11-07.