CVE-2014-2424

Oracle Fusion Middleware 11.1.1.7.0 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2014-2424. PoCs published by Metasploit, including Metasploit module exploits/windows/http/oracle_event_processing_upload.

AI-analyzed exploit summary This Metasploit module exploits an arbitrary file upload vulnerability in Oracle Event Processing 11.1.1.7.0 via the FileUploadServlet component, allowing unauthenticated attackers to upload malicious files to arbitrary locations due to a directory traversal flaw. It leverages WbemExec for remote code execution on Windows 2003 SP2 or older systems.

Description

Unspecified vulnerability in the Oracle Event Processing component in Oracle Fusion Middleware 11.1.1.7.0 allows remote authenticated users to affect integrity via vectors related to CEP system.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/33989

View Code ZIP pw:eip

This Metasploit module exploits an arbitrary file upload vulnerability in Oracle Event Processing 11.1.1.7.0 via the FileUploadServlet component, allowing unauthenticated attackers to upload malicious files to arbitrary locations due to a directory traversal flaw. It leverages WbemExec for remote code execution on Windows 2003 SP2 or older systems.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Oracle Event Processing 11.1.1.7.0

No auth needed

Prerequisites: Network access to the target server · Oracle Event Processing 11.1.1.7.0 with exposed FileUploadServlet

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution T1047 - Windows Management Instrumentation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

metasploit WORKING POC EXCELLENT

rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/oracle_event_processing_upload.rb