CVE-2020-2883 PoC — Oracle Fusion Middleware 安全漏洞

Source

https://github.com/Y4er/CVE-2020-2883

Associated Vulnerability

Title:Oracle Fusion Middleware 安全漏洞 (CVE-2020-2883)
Description:Oracle Fusion Middleware（Oracle融合中间件）是美国甲骨文（Oracle）公司的一套面向企业和云环境的业务创新平台。该平台提供了中间件、软件集合等功能。 Oracle Fusion Middleware中的WebLogic Server的Core组件存在安全漏洞。攻击者可利用该漏洞控制WebLogic Server，影响数据的可用性、保密性和完整性。以下产品及版本受到影响：WebLogic Server 10.3.6.0.0版本，12.1.3.0.0版本，12.2.1.3.0版

Description

Weblogic coherence.jar RCE

Readme

# CVE-2020-2883
先克隆框架
```
git clone https://github.com/Y4er/CVE-2020-2555
```

然后将 `CVE_2020_2883.java` 放到 `src/com/supeream/CVE_2020_2883.java` 目录下

导入idea运行 `CVE_2020_2883.java` RCE!

# 截图
![CVE_2020_2883.gif](./CVE_2020_2883.gif)

File Snapshot


 [4.0K]  /data/pocs/8c502395d9a810e38839775dfb2189742740df10
├── [374K]  CVE_2020_2883.gif
├── [3.6K]  CVE_2020_2883.java
└── [ 271]  README.md

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!