CVE-2014-4210

NUCLEI

Oracle WebLogic Server <10.3.6.0 - Info Disclosure

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 6 public exploits for CVE-2014-4210. PoCs published by 0xn0ne, NoneNotNull, NHPT. A Nuclei detection template is also available.

AI-analyzed exploit summary This repository contains a WebLogic vulnerability scanner that checks for multiple CVEs, including CVE-2018-2628. It is a Python-based tool designed to detect vulnerabilities in Oracle WebLogic Server by sending crafted requests and analyzing responses.

Description

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0 and 10.3.6.0 allows remote attackers to affect confidentiality via vectors related to WLS - Web Services.

Exploits (6)

nomisec SCANNER 2,072 stars
by 0xn0ne · poc
https://github.com/0xn0ne/weblogicScanner

This repository contains a WebLogic vulnerability scanner that checks for multiple CVEs, including CVE-2018-2628. It is a Python-based tool designed to detect vulnerabilities in Oracle WebLogic Server by sending crafted requests and analyzing responses.

Classification
Scanner 95%
Attack Type
Other
Complexity
Moderate
Reliability
Reliable
Target: Oracle WebLogic Server
No auth needed
Prerequisites: Network access to the target WebLogic Server · Python 3.6 or higher
devstral-2 · analyzed Feb 15, 2026 Full analysis →
nomisec WORKING POC 98 stars
by NoneNotNull · poc
https://github.com/NoneNotNull/SSRFX

This repository contains a Python-based SSRF exploitation tool targeting CVE-2014-4210, which affects Oracle WebLogic Server. The tool supports host detection, port scanning, and shell acquisition via Redis unauthorized access.

Classification
Working Poc 90%
Attack Type
Ssrf
Complexity
Moderate
Reliability
Reliable
Target: Oracle WebLogic Server
No auth needed
Prerequisites: Access to a vulnerable WebLogic Server instance · Network access to internal services
devstral-2 · analyzed Feb 16, 2026 Full analysis →
nomisec WORKING POC 10 stars
by NHPT · poc
https://github.com/NHPT/WebLogic-SSRF_CVE-2014-4210

This is a Python3-based exploit script for CVE-2014-4210, an SSRF vulnerability in Oracle WebLogic's SearchPublicRegistries.jsp. It allows scanning for open ports and detecting the vulnerability by sending crafted HTTP requests to the target.

Classification
Working Poc 95%
Attack Type
Ssrf
Complexity
Moderate
Reliability
Reliable
Target: Oracle WebLogic Server
No auth needed
Prerequisites: Network access to the WebLogic server · WebLogic server with exposed SearchPublicRegistries.jsp
devstral-2 · analyzed Feb 16, 2026 Full analysis →
github SCANNER 6 stars
by Y5neKO · pythonpoc
https://github.com/Y5neKO/ExpAndPoc_Collection/tree/main/CVE-2014-4210

The repository contains a Python script that scans for CVE-2014-4210 by sending crafted HTTP requests to a WebLogic server and checking for specific error responses. It does not include exploit code but detects vulnerable instances.

Classification
Scanner 90%
Attack Type
Ssrf
Complexity
Moderate
Reliability
Reliable
Target: Oracle WebLogic Server
No auth needed
Prerequisites: Network access to the target WebLogic server
devstral-2 · analyzed Feb 27, 2026 Full analysis →
nomisec WORKING POC 3 stars
by unmanarc · poc
https://github.com/unmanarc/CVE-2014-4210-SSRF-PORTSCANNER-POC

This is a functional PoC for CVE-2014-4210, an SSRF vulnerability in Oracle WebLogic. It uses an embedded Qt WebEngine to exploit the SSRF bug for port scanning remote hosts by checking responses from the UDDI explorer interface.

Classification
Working Poc 95%
Attack Type
Ssrf
Complexity
Moderate
Reliability
Reliable
Target: Oracle WebLogic (versions affected by CVE-2014-4210)
No auth needed
Prerequisites: Network access to vulnerable WebLogic server · UDDI explorer interface accessible
devstral-2 · analyzed Feb 16, 2026 Full analysis →
nomisec WORKING POC 2 stars
by ZorvithonLeo · poc
https://github.com/ZorvithonLeo/Exploit-CVE-2014-4210-

This repository contains a Python-based exploit for CVE-2014-4210, targeting Oracle WebLogic Server. The exploit combines SSRF, RCE via deserialization, and post-exploitation actions like ransomware deployment and AWS credential theft.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Oracle WebLogic Server
No auth needed
Prerequisites: Target WebLogic Server with CVE-2014-4210 vulnerability · Network access to the target server · Python environment with required libraries (requests, Crypto)
devstral-2 · analyzed Feb 16, 2026 Full analysis →

Nuclei Templates (1)

Oracle Weblogic - Server-Side Request Forgery
MEDIUMby princechaddha
Shodan: title:"Weblogic" || http.title:"weblogic" || http.html:"weblogic application server"
FOFA: title="weblogic" || body="weblogic application server"

References (6)

Core 6
Core References
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/534161/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/94554
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/68629
Mailing List mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2014/Dec/23

Scores

EPSS 0.9405
EPSS Percentile 99.9%

Details

Status published
Products (2)
oracle/fusion_middleware 10.0.2
oracle/fusion_middleware 10.3.6
Published Jul 17, 2014
Tracked Since Feb 18, 2026