CVE-2020-2733

CRITICAL NUCLEI

Oracle JD Edwards EnterpriseOne Tools 9.2 - Unauthenticated Remote Code Execution via HTTP

Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-2733. PoCs published by anmolksachan. A Nuclei detection template is also available.

AI-analyzed exploit summary: This PoC decrypts the admin password for JD Edwards EnterpriseOne Tools by fetching an encrypted string from a target URL or directly decrypting a provided string. It implements the decryption logic using AES-CBC with keys derived from the vulnerability details.

Description

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Monitoring and Diagnostics). The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks of this vulnerability can result in takeover of JD Edwards EnterpriseOne Tools. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Exploits (1)

nomisec · WORKING POC · 1 star
by anmolksachan · poc
https://github.com/anmolksachan/CVE-2020-2733

Classification: Working PoC 95%
Attack Type: Info Leak
Complexity: Moderate
Reliability: Reliable
Target: JD Edwards EnterpriseOne Tools 9.2
No auth needed
Prerequisites: Access to the target URL (http://JDEdwards:8999/manage/fileDownloader?sec=1) or an encrypted string
devstral-2 · analyzed Feb 16, 2026

Nuclei Templates (1)

JD Edwards EnterpriseOne Tools 9.2 - Information Disclosure
CRITICAL · VERIFIED · by DhiyaneshDk, pussycat0x
Shodan: port:8999 product:"Oracle WebLogic Server" || port:8999 product:"oracle weblogic server"

Scores

CVSS v3 9.8
EPSS 0.1865
EPSS Percentile 96.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact total

Details

Status published
Products (1)
oracle/jd_edwards_enterpriseone_tools 9.2
Published Apr 15, 2020
Tracked Since Feb 18, 2026