Lucene search
K

12 matches found

Nuclei
Nuclei
added 2026/06/23 5:8 a.m.62 views

Oracle Fusion Middleware Weblogic Server - Remote OS Command Execution

The Oracle WebLogic Server component of Oracle Fusion Middleware Web Services versions 10.3.6.0, 12.1.3.0, 12.2.1.0, 12.2.1.1 and 12.2.1.2 is susceptible to a difficult to exploit vulnerability that could allow unauthenticated attackers with network access via HTTP to compromise Oracle WebLogic...

7.4CVSS7.4AI score0.96015EPSS
Exploits9References5
The Hacker News
The Hacker News
added 2024/06/28 11:59 a.m.76 views

8220 Gang Exploits Oracle WebLogic Server Flaws for Cryptocurrency Mining

Security researchers have shed more light on the cryptocurrency mining operation conducted by the 8220 Gang by exploiting known security flaws in the Oracle WebLogic Server. "The threat actor employs fileless execution techniques, using DLL reflective and process injection, allowing the malware...

7.5CVSS7.1AI score0.99993EPSS
Exploits56
Trellix
Trellix
added 2024/06/27 12:0 a.m.35 views

The Bug Report - June 2024 Edition

The Bug Report - June 2024 Edition By Jonathan Omakun & Tobi Olawale · June 27, 2024 Why am I Here Welcome back to The Bug Report, the "so hot the server fans are sweating" edition! For those who are new to our monthly adventure, every month, our dedicated Advanced Research Center vulnerability...

9.8CVSS9.4AI score0.99987EPSS
Exploits75
The Hacker News
The Hacker News
added 2024/06/04 3:25 a.m.36 views

Oracle WebLogic Server OS Command Injection Flaw Under Active Attack

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday added a security flaw impacting the Oracle WebLogic Server to the Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. Tracked as CVE-2017-3506 CVSS score: 7.4, the issue concerns an operati...

7.5CVSS8AI score0.99811EPSS
Exploits19
Trend Micro Simply Security
Trend Micro Simply Security
added 2024/05/30 12:0 a.m.38 views

Decoding Water Sigbin's Latest Obfuscation Tricks

Water Sigbin aka the 8220 Gang exploited the Oracle WebLogic vulnerabilities CVE-2017-3506 and CVE-2023-21839 to deploy a cryptocurrency miner using a PowerShell script. The threat actor also adopted new techniques to conceal its activities, making attacks harder to defend against...

7.5CVSS7.2AI score0.99811EPSS
Exploits19
The Hacker News
The Hacker News
added 2023/05/18 9:31 a.m.103 views

8220 Gang Exploiting Oracle WebLogic Flaw to Hijack Servers and Mine Cryptocurrency

The notorious cryptojacking group tracked as 8220 Gang has been spotted weaponizing a six-year-old security flaw in Oracle WebLogic servers to ensnare vulnerable instances into a botnet and distribute cryptocurrency mining malware. The flaw in question is CVE-2017-3506 CVSS score: 7.4, which, whe...

7.4CVSS7.9AI score0.96015EPSS
Exploits9
Hacker One
Hacker One
added 2020/03/04 2:20 p.m.176 views

MTN Group: Remote OS Command Execution on Oracle Weblogic server via [CVE-2017-3506]

Summary Hello. I was able to identify RCE vulnerability due to the outdated Oracle Weblogic instance on https://raebilling.mtn.co.za. Steps To Reproduce To reproduce, try this request with BurpSuite This request to the https://raebilling.mtn.co.za/wls-wsat/RegistrationRequesterPortType will trigg...

5.8CVSS1.1AI score0.96015EPSS
Exploits9
GithubExploit
GithubExploit
added 2019/08/23 1:42 a.m.506 views

Exploit for Injection in Oracle Agile_Plm

CVE-2019-2725 WebLogic Universal Exploit - CVE-2017-3506 / CVE...

9.8CVSS9.5AI score0.99993EPSS
Exploits83
Circl
Circl
added 2018/09/19 5:29 p.m.14 views

CVE-2017-3506

creationtimestamp| type| source ---|---|--- 2018-09-19 17:29:15+00:00| seen| MISP/5ba281fe-cc88-4bf3-a9ef-3c290a021402 2019-06-20 12:20:36+00:00| seen| https://t.me/Pen7esting/216 2020-10-09 16:07:00+00:00| seen| MISP/fab9047e-3eb6-4d8e-a967-65c02cd3e253 2023-05-18 12:43:27+00:00| exploited|...

7.4CVSS7.3AI score0.96015EPSS
Exploits9References14
Check Point Advisories
Check Point Advisories
added 2017/12/27 12:0 a.m.39 views

Oracle WebLogic WLS Security Component Remote Code Execution (CVE-2017-10271; CVE-2017-3506)

A remote code execution vulnerability exists within Oracle WebLogic WLS. This is due to the way Oracle WebLogic handles xml decodes. A successful attack could lead to a remote code execution...

5.8CVSS2.4AI score0.99993EPSS
Exploits46
CVE
CVE
added 2017/04/24 7:0 p.m.495 views

CVE-2017-3506

CVE-2017-3506 is a remote code execution vulnerability in Oracle WebLogic Server (WLS) via the wls-wsat XMLDecoder path. Affected versions include 10.3.6.0, 12.1.3.0, 12.2.1.0/1/2. The root cause is unsafe deserialization of XML data through XMLDecoder, which can allow an unauthenticated attacker...

7.4CVSS7.7AI score0.96015EPSS
In wildExploits9References4Affected Software1
OpenVAS
OpenVAS
added 2017/04/19 12:0 a.m.301 views

Oracle WebLogic Server Multiple Vulnerabilities (cpuapr2017)

Oracle WebLogic Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:bea:weblogicserver";...

10CVSS9.3AI score0.99999EPSS
Exploits53References6
Rows per page
Query Builder