admin/GobyVuls
1
0
Fork 0
mirror of https://github.com/gobysec/GobyVuls.git synced 2025-05-06 18:52:01 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add CVE-2020-2551

Browse Source
This commit is contained in:
tardc 2020-04-22 13:33:41 +08:00
parent 6141407974
commit 42f538edbf
2 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
WebLogic/CVE-2020-2551/CVE-2020-2551.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 824 KiB

11
WebLogic/CVE-2020-2551/README.md Normal file
View File

@ -0,0 +1,11 @@
# CVE-2020-2551 WebLogic IIOP Remote Code Execution Vulnerability
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: WLS Core Components). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server.
**Affected version**: weblogic_server:10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0
**[FOFA](https://fofa.so/result?qbase64=YXBwPSJCRUEtV2ViTG9naWMtU2VydmVyIg%3D%3D) query rule**: app="BEA-WebLogic-Server"
# Demo
![](CVE-2020-2551.gif)