File Upload Vulnerability in Drupal Core Affects Multiple Versions
CVE-2020-13671

8.8HIGH

Key Information:

Vendor
Drupal
Status
Drupal Core
Vendor
CVE Published:
20 November 2020

Badges

👾 Exploit Exists🟣 EPSS 67%🦅 CISA Reported

Summary

The vulnerability in Drupal Core arises from inadequate sanitization of certain filenames in uploaded files. As a result, these files may be incorrectly interpreted with misleading extensions, potentially allowing them to be served with the wrong MIME type or executed as PHP, especially under certain hosting configurations. This flaw poses a significant risk as it could enable attackers to execute arbitrary code in web applications, emphasizing the importance of upgrading to the patched versions.

CISA Reported

CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed as being exploited but is not known by the CISA to be used in ransomware campaigns. This is subject to change at pace

The CISA's recommendation is: Apply updates per vendor instructions.

Affected Version(s)

Drupal Core 9.0 versions prior to 9.0.8

Drupal Core 8.9 versions prior to 8.9.9

Drupal Core 8.8 versions prior to 8.8.11

References

https://www.drupal.org/sa-core-2020-012
x_refsource_CONFIRM
https://lists.fedoraproject.org/archives/list/package-ann...
vendor-advisoryx_refsource_FEDORA
https://lists.fedoraproject.org/archives/list/package-ann...
vendor-advisoryx_refsource_FEDORA

EPSS Score

67% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • 👾

    Exploit known to exist

  • 🦅

    CISA Reported

  • Vulnerability published

  • Vulnerability Reserved

.