CVE-2021-2109

This exploit leverages CVE-2021-2109, an RCE vulnerability in Oracle WebLogic Server, by using JNDI injection to execute arbitrary commands on the target system. It requires authentication and uses a Java-based LDAP listener to achieve remote code execution.

This repository contains a functional exploit for CVE-2021-2109, a deserialization vulnerability in Oracle WebLogic Server. The exploit leverages JNDI injection via LDAP to achieve remote code execution (RCE) by loading a malicious Java class.

This repository contains a functional Python exploit for CVE-2021-2109, a JNDI injection vulnerability in Oracle WebLogic Server. The exploit leverages LDAP for remote code execution, with support for both authenticated and unauthenticated attack vectors (via CVE-2020-14750).

This repository contains a functional PoC for CVE-2021-2109, a deserialization vulnerability in Oracle WebLogic Server. The script sends a crafted HTTP request to trigger JNDI injection via LDAP, leveraging an external JNDIExploit server for payload delivery.

The repository contains only a minimal README with a title and incorrect CVE reference (CVE-2022-2109 instead of CVE-2021-2109), with no exploit code, technical details, or additional content.

This repository contains a functional exploit for CVE-2021-2109, leveraging deserialization vulnerabilities in Adobe BlazeDS. The exploit includes multiple serialization/deserialization utilities and a payload execution mechanism.

This repository contains a Python script that scans for CVE-2021-2109, an Oracle WebLogic vulnerability, by checking for the presence of a specific path. It does not exploit the vulnerability but detects potential exposure.