/plushcap/analysis/cloudflare/drupal-waf-rule-mitigate-critical-exploit

Cloudflare is adding Drupal WAF Rule to Mitigate Critical Drupal Exploit

What's this blog post about?

On March 29, 2018, Drupal announced an update to fix a critical remote code execution exploit (SA-CORE-2018-002/CVE-2018-7600). In response, Cloudflare has released a rule to block requests matching these exploit conditions for their Web Application Firewall (WAF). The rule can be found in the Cloudflare ruleset under the Drupal category with the rule ID of D0003. The official Drupal Advisory is available at https://www.drupal.org/sa-core-2018-002.

Company
Cloudflare

Date published
March 29, 2018

Author(s)
Pasha Kravtsov

Word count
68

Language
English

Hacker News points
None found.


By Matt Makai. 2021-2024.