The exploitation of a very dangerous Drupal vulnerability has started after the publication of proof-of-concept (PoC) code.
The code, hosted on GitHub, was created by Vitalii Rudnykh, a Russian security researcher. The code is based on a breakdown of the Drupalgeddon2 vulnerability published by Check Point and Dofinity researchers. It all happened within a few hours between Check Point's blog post, Rudnykh's PoC, and the start of exploitation attempts, first spotted by web security firm Sucuri.
Sucuri: Not a lot of exploitation attempts yet
"Not seeing a lot of attempts yet, just a couple from a few IP addresses," Daniel Cid, VP of Engineering at GoDaddy and CTO/Founder of Sucuri, told Bleeping Computer in a private conversation last night. Cid told us that most exploitation attempts are "based on the PoC shared on GitHub," but other attackers might be working on their own code as well.