PoC based CheckPoint article.
https://research.checkpoint.com/uncovering-drupalgeddon-2/
by Eyal Shalev, Rotem Reiss and Eran Vaknin
IMPORTANT:
Is provided only for educational or information purposes.
CVE-2018-7600 / SA-CORE-2018-002
Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.