Exploitation Summary
CVE-2020-2551 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added November 16, 2023. EIP tracks 11 public exploits from researchers including 0xn0ne, Y4er, hktalent. A Nuclei detection template is also available.
AI-analyzed exploit summary This repository contains a WebLogic vulnerability scanner that checks for multiple CVEs, including CVE-2018-2628. It is a Python-based tool designed to detect vulnerabilities in Oracle WebLogic Server by sending crafted requests and analyzing responses.
Description
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: WLS Core Components). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
Exploits (11)
This repository contains a WebLogic vulnerability scanner that checks for multiple CVEs, including CVE-2018-2628. It is a Python-based tool designed to detect vulnerabilities in Oracle WebLogic Server by sending crafted requests and analyzing responses.
This repository contains a working exploit for CVE-2020-2551, a deserialization vulnerability in Oracle WebLogic Server. The exploit leverages IIOP/T3 protocol to achieve remote code execution by sending a malicious serialized object to a vulnerable WebLogic server.
This repository contains a Python script to scan for CVE-2020-2551, a vulnerability in Oracle WebLogic Server. The script sends a GIOP packet to check for the presence of the vulnerability and supports multi-threaded scanning.
This repository contains a working exploit PoC for CVE-2020-2551, a WebLogic IIOP deserialization vulnerability. The exploit leverages RMI to achieve remote code execution by deserializing a malicious payload.
This repository contains a writeup and demonstration for CVE-2020-2551, a deserialization vulnerability in Oracle WebLogic Server that allows remote code execution via IIOP. The README includes screenshots and a GIF demonstrating the exploit but does not contain actual exploit code.
This repository contains a Python-based exploit for CVE-2020-2551, a deserialization vulnerability in Oracle WebLogic Server. The exploit sends crafted T3 protocol packets to trigger remote code execution by leveraging a malicious RMI endpoint.
The repository contains a Python script that scans for CVE-2020-2551 by sending a crafted GIOP request to detect vulnerable Oracle WebLogic servers. It does not include exploit code for achieving RCE but confirms the presence of the vulnerability.
This repository contains a Python script designed to scan for CVE-2020-2551, a vulnerability in Oracle WebLogic Server. The script sends a crafted GIOP packet to check for the presence of the vulnerability and supports both single URL and bulk checking via stdin.
This repository contains a functional exploit for CVE-2020-2551, a deserialization vulnerability in Oracle WebLogic Server's IIOP protocol. The exploit sends a crafted LocateRequest and bind_any payload to trigger remote code execution via a malicious JNDI lookup.
This repository contains a proof-of-concept exploit for CVE-2020-2551, a deserialization vulnerability in Oracle WebLogic Server. It includes scripts to set up a vulnerable environment and tools to generate and send malicious payloads.
The repository contains a Python script that scans for CVE-2020-2551 by sending a crafted GIOP request to detect vulnerable Oracle WebLogic servers. It does not include exploit code for achieving RCE but confirms the presence of the vulnerability.
Nuclei Templates (1)
http.title:"oracle peoplesoft sign-in" || product:"oracle weblogic"
title="oracle peoplesoft sign-in"
References (2)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H