Lucene search
K

12 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 3:47 p.m.17 views

CVE-2020-14883

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Console. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP...

9CVSS7AI score0.97929EPSS
Exploits8
The Hacker News
The Hacker News
added 2023/12/19 6:58 a.m.93 views

8220 Gang Exploiting Oracle WebLogic Server Vulnerability to Spread Malware

The threat actors associated with the 8220 Gang have been observed exploiting a high-severity flaw in Oracle WebLogic Server to propagate their malware. The security shortcoming is CVE-2020-14883 CVSS score: 7.2, a remote code execution bug that could be exploited by authenticated attackers to ta...

10CVSS8.2AI score0.99997EPSS
Exploits52
GithubExploit
GithubExploit
added 2021/01/25 3:33 p.m.179 views

Exploit for CVE-2020-14883

CVE-2020-14883EXP This tool is used for verifying and exploi...

9CVSS7.4AI score0.97929EPSS
Exploits8
Metasploit
Metasploit
added 2020/11/19 5:41 p.m.324 views

Oracle WebLogic Server Administration Console Handle RCE

This module exploits a path traversal and a Java class instantiation in the handle implementation of WebLogic's Administration Console to execute code as the WebLogic user. Versions 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0, and 14.1.1.0.0 are known to be affected. Tested against 12.2.1.3.0...

10CVSS8.8AI score0.99997EPSS
Exploits45
0day.today
0day.today
added 2020/11/19 12:0 a.m.248 views

Oracle WebLogic Server Administration Console Handle Remote Code Execution Exploit

This Metasploit module exploits a path traversal and a Java class instantiation in the handle implementation of WebLogic's Administration Console to execute code as the WebLogic user. Versions 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0, and 14.1.1.0.0 are known to be affected. Tested against...

10CVSS8.9AI score0.99997EPSS
Exploits45
Packet Storm
Packet Storm
added 2020/11/19 12:0 a.m.1936 views

Oracle WebLogic Server Administration Console Handle Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle WebLogic Server Administration Console Handle RCE', 'Description' = %q This module exploits a path traversal and a Java class instantiatio...

10CVSS0.8AI score0.99997EPSS
Exploits45
Circl
Circl
added 2020/11/18 9:46 p.m.15 views

CVE-2020-14883

creationtimestamp| type| source ---|---|--- 2020-11-18 21:46:12+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/weblogicadminhandlerce.rb 2021-01-27 04:04:05+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/2004 2021-11-...

9CVSS7.1AI score0.97929EPSS
Exploits8References15
GithubExploit
GithubExploit
added 2020/11/11 8:52 a.m.77 views

Exploit for CVE-2020-14883

CVE-2020-14883 WebLogic authenticati...

9CVSS7.3AI score0.97929EPSS
Exploits8
Check Point Advisories
Check Point Advisories
added 2020/11/01 12:0 a.m.20 views

Oracle WebLogic Remote Code Execution (CVE-2020-14882; CVE-2020-14750; CVE-2020-14825; CVE-2020-14883)

A remote code execution vulnerability exists in Oracle WebLogic. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

10CVSS5.5AI score0.99997EPSS
Exploits46
Vulnrichment
Vulnrichment
added 2020/10/21 2:4 p.m.18 views

CVE-2020-14883

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Console. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP...

7.2CVSS7.1AI score0.97929EPSS
Exploits8References2
CVE
CVE
added 2020/10/21 2:4 p.m.1280 views

CVE-2020-14883

CVE-2020-14883 is an authenticated Remote Code Execution in Oracle WebLogic Server (Console component). Affected versions include 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0, and 14.1.1.0.0. Exploitation vectors shown in connected documents rely on a path-traversal to the Admin Console and Jav...

9CVSS8.1AI score0.97929EPSS
In wildExploits8References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2020/10/21 12:0 a.m.190 views

CVE-2020-14883 — Authenticated RCE in Console component of Oracle WebLogic Server

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Console. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP...

9.8CVSS8.2AI score0.99999EPSS
In wildExploits53References3
Rows per page
Query Builder