CVE-2000-0684

BEA WebLogic 5.1.x - Unauthenticated Remote Code Execution via JSPServlet

Title source: manual

Exploitation Summary

EIP tracks 1 public exploit for CVE-2000-0684. PoCs published by Brian Carrier.

AI-analyzed exploit summary This exploit decrypts weakly encrypted NetZero credentials stored in 'jnetz.prop' using a substitution cipher. It reads the encrypted password and user ID, then applies a predefined decryption table to recover the plaintext password.

Description

BEA WebLogic 5.1.x does not properly restrict access to the JSPServlet, which could allow remote attackers to compile and execute Java JSP code by directly invoking the servlet on any source file.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Brian Carrier · clocalwindows

https://www.exploit-db.com/exploits/20081

View Code ZIP pw:eip

This exploit decrypts weakly encrypted NetZero credentials stored in 'jnetz.prop' using a substitution cipher. It reads the encrypted password and user ID, then applies a predefined decryption table to recover the plaintext password.

Classification

Working Poc 100%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: NetZero ZeroPort (version not specified)

No auth needed

Prerequisites: Access to the 'jnetz.prop' file on the target system

MITRE ATT&CK

T1552.001 - Credentials In Files

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (3)

Core 3

Core References

Various Sources x_refsource_confirm

http://developer.bea.com/alerts/security_000731.html

Patch, Vendor Advisory mailing-list x_refsource_bugtraq

http://archives.neohapsis.com/archives/bugtraq/2000-07/0434.html

Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/1525

Scores

EPSS 0.1226

EPSS Percentile 95.7%

Details

Status published

Products (3)

bea/weblogic_server 3.1.8

bea/weblogic_server 4.0.4

bea/weblogic_server 4.5.1

Published Oct 20, 2000

Tracked Since Feb 18, 2026