Drupal.RESTWS.Module.Page.Callback.Code.Execution
Description
This indicates an attack attempt to exploit a remote Code Execution vulnerability in the third-party RESTWS module for the Drupal content
management system (CMS).
The vulnerability is due to a flaw in the application design. A remote attacker can exploit this to execute arbitrary code in the security context of the web server via a crafted HTTP request.
Affected Products
Drupal Drupal 7.x
Drupal RESTWS 7.x-1.x prior to 7.x-1.7
Drupal RESTWS 7.x-2.x prior to 7.x-2.6
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the latest update from the vendor.
https://www.drupal.org/node/2765567
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |