12 matches found
CVE-2020-14883
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Console. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP...
8220 Gang Exploiting Oracle WebLogic Server Vulnerability to Spread Malware
The threat actors associated with the 8220 Gang have been observed exploiting a high-severity flaw in Oracle WebLogic Server to propagate their malware. The security shortcoming is CVE-2020-14883 CVSS score: 7.2, a remote code execution bug that could be exploited by authenticated attackers to ta...
Exploit for CVE-2020-14883
CVE-2020-14883EXP This tool is used for verifying and exploi...
Oracle WebLogic Server Administration Console Handle RCE
This module exploits a path traversal and a Java class instantiation in the handle implementation of WebLogic's Administration Console to execute code as the WebLogic user. Versions 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0, and 14.1.1.0.0 are known to be affected. Tested against 12.2.1.3.0...
Oracle WebLogic Server Administration Console Handle Remote Code Execution Exploit
This Metasploit module exploits a path traversal and a Java class instantiation in the handle implementation of WebLogic's Administration Console to execute code as the WebLogic user. Versions 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0, and 14.1.1.0.0 are known to be affected. Tested against...
Oracle WebLogic Server Administration Console Handle Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle WebLogic Server Administration Console Handle RCE', 'Description' = %q This module exploits a path traversal and a Java class instantiatio...
CVE-2020-14883
creationtimestamp| type| source ---|---|--- 2020-11-18 21:46:12+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/weblogicadminhandlerce.rb 2021-01-27 04:04:05+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/2004 2021-11-...
Exploit for CVE-2020-14883
CVE-2020-14883 WebLogic authenticati...
Oracle WebLogic Remote Code Execution (CVE-2020-14882; CVE-2020-14750; CVE-2020-14825; CVE-2020-14883)
A remote code execution vulnerability exists in Oracle WebLogic. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
CVE-2020-14883
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Console. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP...
CVE-2020-14883
CVE-2020-14883 is an authenticated Remote Code Execution in Oracle WebLogic Server (Console component). Affected versions include 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0, and 14.1.1.0.0. Exploitation vectors shown in connected documents rely on a path-traversal to the Admin Console and Jav...
CVE-2020-14883 — Authenticated RCE in Console component of Oracle WebLogic Server
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Console. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP...