POC详情: 0f5fb3b4e25720edcdeb65a7807e8b542acb1ced

来源
https://github.com/rxerium/CVE-2025-61882-CVE-2025-61884
关联漏洞
标题: Oracle E-Business Suite 安全漏洞 (CVE-2025-61882)
描述:Oracle E-Business Suite是美国甲骨文(Oracle)公司的一套全面集成式的全球业务管理软件。该软件提供了客户关系管理、服务管理、财务管理等功能。 Oracle E-Business Suite 12.2.3版本至12.2.14版本存在安全漏洞,该漏洞源于未经验证的攻击者可通过HTTP网络访问进行攻击,可能导致组件接管。
描述
Detection for CVE-2025-61882
介绍
# CVE-2025-61882 & CVE-2025-61884

***EDIT: Oracle just disclosed a new vulnerability CVE-2025-61884, the detection script for that vuln can be found in this repo or originally here: https://gist.github.com/rxerium/6c70bc6b72fc0d1365c85937d35d9550.***

As quoted from [Oracle's security advisory](https://www.oracle.com/security-alerts/alert-cve-2025-61882.html):
> This Security Alert addresses vulnerability CVE-2025-61882 in Oracle E-Business Suite. This vulnerability is remotely exploitable without authentication, i.e., it may be exploited over a network without the need for a username and password. If successfully exploited, this vulnerability may result in remote code execution.

## How does this detection method work?

This vulnerability detection template detects Oracle E-Business Suite instances that are vulnerable to CVE-2025-61882 by checking if the page contains "E-Business Suite Home Page" text and comparing the Last-Modified header date against October 4, 2025. If the Last-Modified date is before October 4, 2025 (Unix timestamp 1759602752), it indicates the instance hasn't been patched and is potentially vulnerable to the vulnerability in question.

## How do I run this script?

1. Download Nuclei from [here](https://github.com/projectdiscovery/nuclei)
2. Copy the template to your local system
3. Run the following command: `nuclei -u https://yourHost.com:<port> -t template.yaml` 

***For enhanced detection please include ports in your input list.***

## References

- https://www.oracle.com/security-alerts/alert-cve-2025-61882.html
- https://www.shodan.io/search?query=html%3A%22OA_HTML%22&page=2


## Disclaimer

Use at your own risk, I will not be responsible for illegal activities you conduct on infrastructure you do not own or have permission to scan.

## Share This Project

<div align="center">
  <a href="https://twitter.com/intent/tweet?text=Check%20out%20this%20CVE%20detection%20template%20by%20@rxerium!&url=https://github.com/rxerium/poc-template" target="_blank">
    <img src="https://img.shields.io/badge/🐦%20Share%20on-Twitter-lightgrey?style=flat&logo=twitter&logoColor=1DA1F2" alt="Share on Twitter"/>
  </a>
  <a href="https://www.linkedin.com/sharing/share-offsite/?url=https://github.com/rxerium/poc-template" target="_blank">
    <img src="https://img.shields.io/badge/💼%20Share%20on-LinkedIn-lightgrey?style=flat&logo=linkedin&logoColor=0077B5" alt="Share on LinkedIn"/>
  </a>
  <a href="mailto:?subject=CVE%20Detection%20Template&body=Check%20out%20this%20interesting%20CVE%20detection%20template%20by%20rxerium:%20https://github.com/rxerium/poc-template" target="_blank">
    <img src="https://img.shields.io/badge/%20Share%20via-Email-lightgrey?style=flat&logo=gmail&logoColor=D14836" alt="Share via Email"/>
  </a>
</div>

---

## Contact

Feel free to reach out via [Signal](https://signal.me/#eu/0Qd68U1ivXNdWCF4hf70UYFo7tB0w-GQqFpYcyV6-yr4exn2SclB6bFeP7wTAxQw) if you have any questions.
文件快照

 [4.0K]  /data/pocs/0f5fb3b4e25720edcdeb65a7807e8b542acb1ced
├── [1.0K]  CVE-2025-61882.yaml
├── [1.0K]  CVE-2025-61884.yaml
└── [2.9K]  README.md

0 directories, 3 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。