CVE-2025-61757 PoC — Oracle Fusion Middleware 安全漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2025/CVE-2025-61757.yaml

Associated Vulnerability

Title:Oracle Fusion Middleware 安全漏洞 (CVE-2025-61757)
Description:Oracle Fusion Middleware（Oracle融合中间件）是美国甲骨文（Oracle）公司的一套面向企业和云环境的业务创新平台。该平台提供了中间件、软件集合等功能。Identity Manager是其中的一个企业身份管理系统组件。 Oracle Fusion Middleware的Identity Manager 12.2.1.4.0版本和14.1.2.1.0版本存在安全漏洞，该漏洞源于未经验证的攻击者可通过HTTP网络访问进行攻击，可能导致Identity Manager被接管。

Description

Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: REST WebServices). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Identity Manager. Successful attacks of this vulnerability can result in takeover of Identity Manager.

File Snapshot


 id: CVE-2025-61757

info:
  name: Oracle Identity Manager REST WebServices - Authentication Bypass
 

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!