.. / CVE-2018-7600

Exploit for Drupal - Remote Code Execution (CVE-2018-7600)

Description:

Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.

Proof of Concept

PoC exploit

https://github.com/vulhub/vulhub/tree/master/drupal/CVE-2018-7600 (Writeup)
https://github.com/a2u/CVE-2018-7600/blob/master/exploit.py (Python)

Nuclei Template

View the template here CVE-2018-7600.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2018/CVE-2018-7600.yaml

Try the exploit in a lab environment:

Lab	Machine	Link
Hack The Box	Bastard	Go to Practice

References:

https://groups.drupal.org/security/faq-2018-002
https://www.drupal.org/sa-core-2018-002
https://nvd.nist.gov/vuln/detail/CVE-2018-7600
http://www.securitytracker.com/id/1040598
https://github.com/vulhub/vulhub/tree/master/drupal/CVE-2018-7600

.. / CVE-2018-7600 if(localStorage["style"]=="true"){ document.getElementById('pagestyle').setAttribute('href','/assets/styleDark.css'); document.querySelector('input[type="checkbox"]').checked = true }