Drupal RESTWS Module PHP Remote Command Injection Exploit

RESTWS alters the default page callbacks for entities to provide additional functionality. A vulnerability in this approach allows an unauthenticated attacker to send specially crafted requests resulting in arbitrary PHP execution.
Platform: 
Vulnerabilty ID: 
NOCVE-9999-75002
Product Version: 
2016_R1
Released Date: 
Wednesday, July 20, 2016 - 00:00