CVE•Published 2017-03-16•Modified 2026-05-13•1 article on news•4 live references•NVD data
CVE-2017-6381Drupal · Drupal
Vulnerability data via NVD (ingested)
CVSS v3.1
8.1
HIGH
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS percentile
—
Weaknesses (CWE)
Description
A 3rd party development library including with Drupal 8 development dependencies is vulnerable to remote code execution. This is mitigated by the default .htaccess protection against PHP execution, and the fact that Composer development dependencies aren't normal installed. You might be vulnerable to this if you are running a version of Drupal before 8.2.2. To be sure you aren't vulnerable, you can remove the <siteroot>/vendor/phpunit directory from your production deployments
Timeline
Published 2017-03-16
Modified 2026-05-13
External references
Search for exposed instances
Shodan + Censys queries derived from NVD's CPE data. The vuln tag catches assets Shodan has explicitly linked to this CVE; the product / banner fingerprints find exposed instances even when the vuln tag was never applied (which is common).
Shodan · vuln tag3 hosts
vuln:CVE-2017-6381Hosts Shodan has explicitly fingerprinted as vulnerable.
Shodan · product + version
product:"Drupal Drupal" version:"8.0.0"Version-pinned fingerprint from NVD's first vulnerable CPE.
Shodan · banner/body mention
http.html:"Drupal"HTTP body or banner mentions "Drupal" — catches deploys Shodan didn't identify as a product.
More intel sources (5)
Shodan report
vuln:CVE-2017-6381Country / ASN / product breakdown for the vuln query.
Censys
vulnerabilities.cve_id: CVE-2017-6381Censys host search filtered to this CVE id.
grep.app
CVE-2017-6381Public source-code mentions — fast PoC discovery.
GitHub code
CVE-2017-6381GitHub code search for direct mentions.
Google dork
"CVE-2017-6381" exploit -site:nvd.nist.govWrite-ups and news, NVD excluded.
Known PoCs on GitHub (3)
CVE-2017-63813 repos
Ghostasky/ALLStarRepoPython
我所有star的repo
snowcapped-morula414/bingoPython
Automate penetration testing workflows using an AI-powered terminal.
AnonShield/LabVulnerabilitiesPython
Comprehensive containerized security lab with 158+ vulnerable services (OWASP, CVEs, Databases, DevOps). Features an isolated network, unified orchestration, and a production-grade…