CVE-2019-6340 PoC — Drupal core - Highly critical - Remote Code Execution

Source

https://github.com/oways/CVE-2019-6340

Associated Vulnerability

Title:Drupal core - Highly critical - Remote Code Execution (CVE-2019-6340)
Description:Some field types do not properly sanitize data from non-form sources in Drupal 8.5.x before 8.5.11 and Drupal 8.6.x before 8.6.10. This can lead to arbitrary PHP code execution in some cases. A site is only affected by this if one of the following conditions is met: The site has the Drupal 8 core RESTful Web Services (rest) module enabled and allows PATCH or POST requests, or the site has another web services module enabled, like JSON:API in Drupal 8, or Services or RESTful Web Services in Drupal 7. (Note: The Drupal 7 Services module itself does not require an update at this time, but you should apply other contributed updates associated with this advisory if Services is in use.)

Description

CVE-2019-6340 POC Drupal rce

Readme

# CVE-2019-6340
CVE-2019-6340 POC Drupal rce

python poc.py [url] [php func] [command] [node number]

Example:
python poc.py http://192.168.142.148/drupal-8.6.9/ system ipconfig 200

<img src="https://raw.githubusercontent.com/oways/CVE-2019-6340/master/Screen%20Shot%202019-02-25%20at%2011.04.19%20AM.png">

Twitter: <a href="https://twitter.com/0w4ys">@0w4ys</a>

File Snapshot


 [4.0K]  /data/pocs/3de9bf93d84739eb5ff6cda7fa023ac27fa159dc
├── [1.2K]  poc.py
├── [ 365]  README.md
└── [ 40K]  Screen Shot 2019-02-25 at 11.04.19 AM.png

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!