CVE-2016-0492

Oracle Application Testing Suite - Info Disclosure

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2016-0492. PoCs published by Metasploit, Zhou Yu.

AI-analyzed exploit summary This Metasploit module exploits an authentication bypass (CVE-2016-0492) and arbitrary file upload (CVE-2016-0491) in Oracle Application Testing Suite (OATS) 12.4.0.2.0 to upload and execute a JSP shell, achieving remote code execution.

Description

Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Load Testing for Web Apps, a different vulnerability than CVE-2016-0488. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this is a directory traversal vulnerability in the isAllowedUrl function, which allows remote attackers to bypass authentication via directory traversal sequences following a URI entry that does not require authentication, as demonstrated by olt/Login.do/../../olt/UploadFileUpload.do.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotejava
https://www.exploit-db.com/exploits/39852

This Metasploit module exploits an authentication bypass (CVE-2016-0492) and arbitrary file upload (CVE-2016-0491) in Oracle Application Testing Suite (OATS) 12.4.0.2.0 to upload and execute a JSP shell, achieving remote code execution.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Oracle Application Testing Suite (OATS) <= 12.4.0.2.0
No auth needed
Prerequisites: Network access to the target OATS instance · OATS version <= 12.4.0.2.0
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by Zhou Yu · pythonwebappsjsp
https://www.exploit-db.com/exploits/39691

This exploit bypasses authentication in Oracle Application Testing Suite 12.4.0.2.0 and uploads a JSP webshell, enabling remote command execution. It leverages a path traversal vulnerability to access the file upload endpoint without authentication.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Oracle Application Testing Suite 12.4.0.2.0
No auth needed
Prerequisites: Network access to the target · Target running Oracle Application Testing Suite 12.4.0.2.0
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (8)

Core 8
Core References
Third Party Advisory, VDB Entry x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-16-042
Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/39852/
Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/39691/
Exploit, Third Party Advisory, VDB Entry x_refsource_misc
http://packetstormsecurity.com/files/137175/Oracle-ATS-Arbitrary-File-Upload.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1034734
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/81158
Third Party Advisory, VDB Entry x_refsource_misc
http://www.rapid7.com/db/modules/exploit/multi/http/oracle_ats_file_upload

Scores

EPSS 0.9272
EPSS Percentile 99.8%

Details

Status published
Products (2)
oracle/application_testing_suite 12.4.0.2
oracle/application_testing_suite 12.5.0.2
Published Jan 21, 2016
Tracked Since Feb 18, 2026