EIP-2026-104034

PRE-CVE

Oracle GoldenGate 12.1.2.0.0 - Remote Code Execution

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-104034. PoCs published by Silent Signal.

AI-analyzed exploit summary This exploit demonstrates an unauthenticated remote code execution (RCE) vulnerability in Oracle GoldenGate by leveraging the GGSCI command interface to write and execute arbitrary commands. The exploit supports both Windows and Unix-like platforms and includes functionality for version detection and monitoring.

Description

Oracle GoldenGate 12.1.2.0.0 - Remote Code Execution

Exploits (1)

exploitdb WORKING POC

by Silent Signal · pythonremotemultiple

https://www.exploit-db.com/exploits/41978

View Code ZIP pw:eip

This exploit demonstrates an unauthenticated remote code execution (RCE) vulnerability in Oracle GoldenGate by leveraging the GGSCI command interface to write and execute arbitrary commands. The exploit supports both Windows and Unix-like platforms and includes functionality for version detection and monitoring.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Oracle GoldenGate (versions 12.1.2.0.0 and possibly others)

No auth needed

Prerequisites: Network access to the Oracle GoldenGate Manager port (default 7809) · Vulnerable version of Oracle GoldenGate

MITRE ATT&CK

T1189 - Drive-by Compromise T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026