CVE-2020-14882 PoC — Oracle WebLogic Server 安全漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2020/CVE-2020-14882.yaml

Associated Vulnerability

Title:Oracle WebLogic Server 安全漏洞 (CVE-2020-14882)
Description:Oracle WebLogic Server是美国甲骨文（Oracle）公司的一款适用于云环境和传统环境的应用服务中间件，它提供了一个现代轻型开发平台，支持应用从开发到生产的整个生命周期管理，并简化了应用的部署和管理。 Oracle WebLogic Server 多版本的Oracle Fusion Middleware 存在安全漏洞，该漏洞使未经身份验证的攻击者可以通过HTTP访问网络，从而破坏Oracle WebLogic Server。受影响产品及版本如下： 10.3.6.0.0版本, 12.1.

Description

Oracle WebLogic Server contains an easily exploitable remote command execution vulnerability which allows unauthenticated attackers with network access via HTTP to compromise the server.

File Snapshot


 id: CVE-2020-14882

info:
  name: Oracle Weblogic Server - Remote Command Execution
  author: dwisis

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!