CVE-2019-2725
CRITICAL | KEV | RANSOMWARE | NUCLEI
Oracle WebLogic Server 10.3.6.0.0 and 12.1.3.0.0 - Unauthenticated Remote Code Execution via HTTP
Title source: llm
Exploitation Summary
CVE-2019-2725 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added January 10, 2022, with confirmed use in ransomware campaigns.
EIP tracks 25 public exploits from researchers including Metasploit, Avinash Kumar Thapa and shack2, among them the Metasploit module exploits/multi/misc/weblogic_deserialize_asyncresponseservice.
A Nuclei detection template is also available.
AI-analyzed exploit summary: This Metasploit module exploits CVE-2019-2725, an unauthenticated deserialization vulnerability in Oracle WebLogic Server's AsyncResponseService. It sends a malicious SOAP request to execute arbitrary commands via Java deserialization.
Description
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are affected are 10.3.6.0.0 and 12.1.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
Exploits (25)
This Metasploit module exploits CVE-2019-2725, an unauthenticated deserialization vulnerability in Oracle WebLogic Server's AsyncResponseService. It sends a malicious SOAP request to execute arbitrary commands via Java deserialization.
This exploit targets CVE-2019-2725, a deserialization vulnerability in Oracle WebLogic Server, allowing unauthenticated RCE via HTTP. The PoC uses a crafted payload to execute a reverse shell via PowerShell.
This repository contains a functional exploit tool for CVE-2019-2725, a deserialization vulnerability in Oracle WebLogic Server. The tool includes multiple payloads for different versions of WebLogic and provides a GUI for executing checks and exploits.
This repository contains a functional exploit for CVE-2019-2725, a deserialization vulnerability in Oracle WebLogic Server. The exploit leverages Java deserialization gadgets (TemplatesImpl) to achieve remote code execution (RCE) by crafting malicious serialized data.
This repository contains a functional Python script that exploits CVE-2019-2725, a deserialization vulnerability in Oracle WebLogic Server. The PoC sends a malicious SOAP request to trigger remote code execution via the AsyncResponseService endpoint.
This repository contains a functional exploit for CVE-2019-2725, a deserialization vulnerability in Oracle WebLogic Server. The exploit uploads a webshell and executes commands, demonstrating remote code execution (RCE) capabilities.
This repository contains a functional exploit for CVE-2019-2725, a deserialization vulnerability in Oracle WebLogic Server. The exploit supports multiple payloads and endpoints, demonstrating remote code execution (RCE) capabilities.
The repository contains only a minimal README with no exploit code or technical details. It references CVE-2019-2725 but provides no functional PoC or analysis.
This repository contains a functional Python exploit for CVE-2019-2725, an unauthenticated remote code execution vulnerability in Oracle WebLogic Server. The exploit sends a crafted SOAP request to trigger deserialization of malicious payloads, leading to arbitrary command execution.
This repository contains functional exploit code for CVE-2019-2725, a deserialization vulnerability in Oracle WebLogic Server. The exploit sends a crafted SOAP request to execute arbitrary commands on the target system.
This repository contains a functional exploit for CVE-2019-2725, a deserialization vulnerability in Oracle WebLogic Server. The exploit uses ysoserial to generate a malicious payload and crafts a SOAP request to trigger remote code execution.
This repository contains a functional exploit for CVE-2019-2725, a deserialization vulnerability in Oracle WebLogic Server. The exploit sends a crafted SOAP request to execute arbitrary commands via ProcessBuilder, demonstrating remote code execution (RCE).
This repository contains a functional exploit for CVE-2019-2725, targeting the Oracle WebLogic Server wls-wsat component. The exploit leverages deserialization to achieve remote code execution (RCE) by sending crafted SOAP requests with malicious payloads.
This repository contains a functional Python exploit for CVE-2019-2725, targeting Oracle WebLogic Server versions 10.3.6 and 12.1.3. The exploit leverages deserialization vulnerabilities to achieve remote command execution (RCE) and webshell upload.
This repository contains a functional exploit for CVE-2019-2725, a deserialization vulnerability in Oracle WebLogic Server. The exploit sends a crafted SOAP request with a malicious payload to achieve remote code execution (RCE) via a reverse shell.
The repository contains a Python script that checks for the presence of vulnerable endpoints in Oracle WebLogic Server (CVE-2019-2725) by sending HTTP requests and analyzing responses. It does not include exploit code for achieving RCE but confirms vulnerability presence.
This repository contains a functional exploit for CVE-2019-2725, a deserialization vulnerability in Oracle WebLogic Server. The exploit crafts a malicious SOAP request to execute arbitrary commands on the target system via ProcessBuilder.
This repository contains a functional Python exploit for CVE-2019-2725, a critical deserialization vulnerability in Oracle WebLogic Server's AsyncResponseService. The exploit sends a malicious SOAP request to execute arbitrary commands, demonstrated via a reverse shell payload.
This repository contains a functional exploit for CVE-2019-2725, a deserialization vulnerability in Oracle WebLogic Server. The exploit leverages a crafted SOAP request to execute arbitrary commands via Java deserialization, resulting in remote code execution.
The repository lacks actual exploit code and instead instructs users to modify a 'txt' file with a '大马地址' (likely a malicious payload URL) and use Burp Suite to send a POST request. No technical details about CVE-2019-2725 are provided.
This repository contains a functional exploit for CVE-2019-2725, a deserialization vulnerability in Oracle WebLogic Server. The exploit uses ysoserial to generate a malicious payload and crafts a SOAP request to trigger remote code execution.
This repository contains a scanner for CVE-2019-2725, a deserialization vulnerability in Oracle WebLogic Server. It includes a script to collect potential targets from a search engine and another script to check for the presence of the vulnerability by sending a request to a specific endpoint.
This repository contains a Python-based scanner for detecting multiple WebLogic vulnerabilities, including CVE-2019-2725. It checks for the presence of vulnerable modules but does not include functional exploit code for achieving RCE or other offensive actions.
This Metasploit module exploits a deserialization vulnerability in Oracle WebLogic Server's AsyncResponseService via a malicious SOAP request, leading to remote code execution. It supports multiple platforms (Unix, Windows, Solaris) and delivers payloads tailored to each target.
Nuclei Templates (1)
References (9)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H