Vendor: WebLogic Server
By: Bobsecq
CVSS: 9.8 (CRITICAL)
Title: Oracle WebLogic RMI Registry UnicastRef Object Java Deserialization Remote Code Execution
CWE: 502
Product Name: WebLogic Server
Affected Version From: 10.3.6.0
Affected Version To: 12.2.1.1
Patch Exists: YES
Related CVE: CVE-2017-3248
CPE: a:oracle:weblogic_server
Other Scripts:
https://www.infosecmatter.com/nessus-plugin-library/?id=96803
https://www.infosecmatter.com/metasploit-module-library/?mm=exploit/multi/misc/weblogic_deserialize_unicastref
https://www.infosecmatter.com/nessus-plugin-library/?id=96610
https://www.infosecmatter.com/nessus-plugin-library/?id=99118
https://www.infosecmatter.com/nessus-plugin-library/?id=99090
https://www.infosecmatter.com/nessus-plugin-library/?id=99092
https://www.infosecmatter.com/nessus-plugin-library/?id=99174
https://www.infosecmatter.com/nessus-plugin-library/?id=99120
https://www.infosecmatter.com/nessus-plugin-library/?id=99157
https://www.infosecmatter.com/nessus-plugin-library/?id=99173
Platforms Tested: Tested on 12.1.2.0
Year: 2017
Exploiting CVE-2017-3248
This script is the first public exploit/POC for CVE-2017-3248, a Java deserialization vulnerability in the Oracle WebLogic RMI Registry (UnicastRef object) that allows remote code execution. It checks whether a WebLogic server is vulnerable and requires the latest version of ysoserial. Affected versions are 10.3.6.0, 12.1.3.0, 12.2.1.0, and 12.2.1.1.
Mitigation:
Oracle has released a patch for this vulnerability. Users should apply it and update their systems to the latest patched version.