Lucene search
K

13 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 2:24 p.m.15 views

CVE-2020-2883

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Core. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP, T3 to...

9.8CVSS7.7AI score0.94928EPSS
Exploits11
CISA
CISA
added 2025/01/07 12:0 p.m.65 views

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-41713link is external Mitel MiCollab Path Traversal Vulnerability CVE-2024-55550link is external Mitel MiCollab Path Traversal Vulnerability CVE-2020-2883lin...

9.8CVSS8.7AI score0.99698EPSS
In wildExploits32References11
GithubExploit
GithubExploit
added 2020/11/26 2:10 p.m.141 views

Exploit for CVE-2020-2883

what's this This project which based weblogiccmd is a poc for...

9.8CVSS9.8AI score0.94928EPSS
Exploits11
GithubExploit
GithubExploit
added 2020/10/14 11:12 p.m.66 views

Exploit for CVE-2020-2883

CVE-2020-2883 re write of...

9.8CVSS9.8AI score0.94928EPSS
Exploits11
Tenable Nessus
Tenable Nessus
added 2020/07/02 12:0 a.m.203 views

Oracle WebLogic Server Java Object Deserialization RCE (CVE-2020-2883)

Binary data oracleweblogicservercve20202883.nbin...

9.8CVSS9.7AI score0.94928EPSS
Exploits11References2
0day.today
0day.today
added 2020/06/08 12:0 a.m.165 views

WebLogic Server Deserialization Remote Code Execution Exploit

This Metasploit module exploits a Java object deserialization vulnerability in multiple versions of WebLogic. Unauthenticated remote code execution can be achieved by sending a serialized BadAttributeValueExpException object over the T3 protocol to vulnerable versions of WebLogic. Leveraging an...

9.8CVSS1.1AI score0.94928EPSS
Exploits11
Packet Storm
Packet Storm
added 2020/06/04 12:0 a.m.375 views

WebLogic Server Deserialization Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WebLogic Server Deserialization RCE BadAttributeValueExpException ExtComp', 'Description' = %q There exists a Java object deserialization...

7.5CVSS0.3AI score0.94928EPSS
Exploits11
GithubExploit
GithubExploit
added 2020/05/13 9:56 a.m.211 views

Exploit for CVE-2020-2883

POC for weblogic CVE-2020-2883 poc1: bash javax.manageme...

9.8CVSS9.8AI score0.94928EPSS
Exploits11
ThreatPost
ThreatPost
added 2020/05/04 2:57 p.m.1131 views

Oracle: Unpatched Versions of WebLogic App Server Under Active Attack

Oracle is urging customers to fast-track a patch for a critical flaw in its WebLogic Server under active attack. The company said it has received numerous reports that attackers were targeting the vulnerability patched last month. Oracle WebLogic Server is a popular application server used in...

7.5CVSS9.7AI score0.99964EPSS
Exploits55References15
Check Point Advisories
Check Point Advisories
added 2020/05/04 12:0 a.m.28 views

Oracle Fusion Middleware WebLogic Server Insecure Deserialization (CVE-2020-2883; CVE-2020-2546; CVE-2020-2798; CVE-2020-2801; CVE-2020-2884)

An insecure deserialization vulnerability exists in the Oracle WebLogic Server. The vulnerability is due to the lack of input validation by the servlet. A successful attack could result in the execution of arbitrary code on the affected system...

7.5CVSS4.3AI score0.94928EPSS
Exploits12
CISA
CISA
added 2020/05/01 12:0 a.m.51 views

Unpatched Oracle WebLogic Servers Vulnerable to CVE-2020-2883

Oracle has released a blog post warning users that a previously disclosed Oracle WebLogic Server remote code execution vulnerability CVE-2020-2883 is being exploited in the wild. Oracle disclosed the vulnerability and provided software patches in their April 2020 Critical Patch Update; however,...

7.5CVSS9.3AI score0.94928EPSS
Exploits11References2
CVE
CVE
added 2020/04/15 1:29 p.m.729 views

CVE-2020-2883

CVE-2020-2883 is an Oracle WebLogic Server deserialization vulnerability (Core) that allows unauthenticated remote code execution over network access via IIOP/T3, potentially taking over the WebLogic server. Affected Oracle Fusion Middleware WebLogic versions include 10.3.6.0.0, 12.1.3.0.0, 12.2....

9.8CVSS9.1AI score0.94928EPSS
In wildExploits11References5Affected Software1
Circl
Circl
added 2020/04/15 4:0 a.m.13 views

CVE-2020-2883

creationtimestamp| type| source ---|---|--- 2020-04-15 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=469 2020-05-01 17:05:46+00:00| exploited| https://t.me/informationsecuritychannel/37471 2020-05-02 06:07:50+00:00| exploited| https://t.me/informationsecuritychannel/3748...

9.8CVSS7.5AI score0.94928EPSS
Exploits11References41
Rows per page
Query Builder