CVE-2022-21587

Tags: CRITICAL, KEV, RANSOMWARE, NUCLEI

Oracle E-Business Suite (EBS) Unauthenticated Arbitrary File Upload

Title source: metasploit

Description

Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Upload). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator. Successful attacks of this vulnerability can result in takeover of Oracle Web Applications Desktop Integrator. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Exploits (8)

nomisec (working PoC, 15 stars) by hieuminhnv, remote
https://github.com/hieuminhnv/CVE-2022-21587-POC
nomisec (working PoC, 6 stars) by sahabrifki, remote
https://github.com/sahabrifki/CVE-2022-21587-Oracle-EBS-
nomisec (working PoC, 1 star) by rockmelodies, remote
https://github.com/rockmelodies/Oracle-E-BS-CVE-2022-21587-Exploit
vulncheck_xdb (working PoC), infoleak
https://github.com/anmolksachan/CVE-2022-21587
metasploit (working PoC, ranking: excellent) by sf, HMs, l1k3beef; Ruby, PoC, Linux
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/oracle_ebs_rce_cve_2022_21587.rb

Nuclei Templates (1)

Oracle E-Business Suite 12.2.3 - 12.2.11 - Remote Code Execution
Severity: critical; by rootxharsh, iamnoooob, pdresearch, dogasantos, s4e-io
Shodan: http.title:"login" "x-oracle-dms-ecid" 200
FOFA: title="login" "x-oracle-dms-ecid" 200
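The Shodan and FOFA queries above identify candidate EBS login pages by the x-oracle-dms-ecid response header, a 200 status and "login" in the page title; they say nothing about whether a host is actually in the affected 12.2.3-12.2.11 range. The following added triage script (written for this page, not code from the Nuclei template or any of the PoCs) applies the same three-part fingerprint to a captured HTTP response and then does a numeric version-range check. The two raw responses embedded in it are constructed for illustration, not captured from a real system. Note that Oracle CPU patches do not change the 12.2.x release number, so a version inside the range marks a host as worth checking, not as confirmed vulnerable.

```python
"""Local triage for CVE-2022-21587 candidates: fingerprint match plus version-range check."""
import re

FINGERPRINT_HEADER = "x-oracle-dms-ecid"   # header named in the Shodan/FOFA queries above
AFFECTED_MIN = (12, 2, 3)                  # affected range from the advisory text
AFFECTED_MAX = (12, 2, 11)

# Constructed sample responses (not captured traffic): one that matches the
# fingerprint and one generic login page that does not carry the Oracle header.
SAMPLE_EBS_LOGIN = (
    b"HTTP/1.1 200 OK\r\n"
    b"Content-Type: text/html; charset=UTF-8\r\n"
    b"X-ORACLE-DMS-ECID: 0123456789abcdef\r\n"
    b"\r\n"
    b"<html><head><title>Login</title></head><body>sample</body></html>"
)
SAMPLE_OTHER_LOGIN = (
    b"HTTP/1.1 200 OK\r\n"
    b"Content-Type: text/html\r\n"
    b"\r\n"
    b"<html><head><title>Login</title></head><body>sample</body></html>"
)


def parse_http_response(raw: bytes):
    """Split a raw HTTP/1.x response into (status, headers, body); header names are lower-cased."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("iso-8859-1").split("\r\n")
    status = int(lines[0].split()[1])
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return status, headers, body.decode("utf-8", errors="replace")


def matches_fingerprint(raw: bytes) -> bool:
    """Mirror of the Shodan query: HTTP 200, 'login' in <title>, Oracle DMS ECID header present."""
    status, headers, body = parse_http_response(raw)
    m = re.search(r"<title>(.*?)</title>", body, re.I | re.S)
    title = m.group(1) if m else ""
    return status == 200 and "login" in title.lower() and FINGERPRINT_HEADER in headers


def parse_version(s: str) -> tuple:
    """Parse 'major.minor.patch' into integers; reject anything else rather than guessing."""
    m = re.fullmatch(r"(\d+)\.(\d+)\.(\d+)", s.strip())
    if not m:
        raise ValueError(f"unrecognised EBS version string: {s!r}")
    return tuple(int(x) for x in m.groups())


def in_affected_range(version: str) -> bool:
    """Numeric comparison: 12.2.11 sorts after 12.2.3 here, which a plain string compare gets wrong."""
    return AFFECTED_MIN <= parse_version(version) <= AFFECTED_MAX


def triage(raw: bytes, reported_version: str) -> str:
    """Combine both checks into a one-word disposition for a host."""
    if not matches_fingerprint(raw):
        return "not-ebs"
    return "candidate" if in_affected_range(reported_version) else "out-of-range"


if __name__ == "__main__":
    print(triage(SAMPLE_EBS_LOGIN, "12.2.11"))   # candidate
    print(triage(SAMPLE_EBS_LOGIN, "12.2.12"))   # out-of-range
    print(triage(SAMPLE_OTHER_LOGIN, "12.2.5"))  # not-ebs
```

The version is passed in separately because the login page alone does not reliably expose it; obtain it from the instance owner or an authenticated inventory source, and treat "candidate" as a prompt to verify patch level, not as a finding.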

Scores

CVSS v3 9.8
EPSS 0.9440
EPSS Percentile 100.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CISA KEV 2023-02-02
VulnCheck KEV 2023-02-02
InTheWild.io 2023-02-02
ENISA EUVD EUVD-2022-26811
Ransomware Use Confirmed
CWE
CWE-306 (Missing Authentication for Critical Function)
Status published
Products (1)
oracle/e-business_suite 12.2.3 - 12.2.11
Published Oct 18, 2022
KEV Added Feb 02, 2023
Tracked Since Feb 18, 2026