Imunify360 Protects You Against Both Drupal Exploits
Drupal has recently patched a critical remote code execution exploit, which we wrote about
earlier this month. The second part of that vulnerability, CVE-2018-7602
is now here. Again, this vulnerability may result in Drupal sites to be completely compromised. According to Drupal advisory
, both of these vulnerabilities are being exploited in the wild.
However, if you are using Imunify360
, you don't have to worry about it, at least not for now. Earlier this month, we have added a rule CVE-2018-7600 to our database to detect and block suspicious requests. Now, we have pushed a rule CVE-2018-7602 to master and have deployed it to all our customers.
While we always recommend updating the vulnerable software, we are happy to secure your sites until you have a chance to do so.