.. / CVE-2018-2894

Exploit for Oracle WebLogic Server - Remote Code Execution (CVE-2018-2894)

Description:

The Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services) is susceptible to a remote code execution vulnerability that is easily exploitable and could allow unauthenticated attackers with network access via HTTP to compromise the server. Supported versions that are affected are 12.1.3.0, 12.2.1.2 and 12.2.1.3.

Nuclei Template

View the template here CVE-2018-2894.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2018/CVE-2018-2894.yaml

References:

https://blog.detectify.com/2018/11/14/technical-explanation-of-cve-2018-2894-oracle-weblogic-rce/
https://nvd.nist.gov/vuln/detail/CVE-2018-2894
https://github.com/vulhub/vulhub/tree/fda47b97c7d2809660a4471539cd0e6dbf8fac8c/weblogic/CVE-2018-2894
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
http://www.securitytracker.com/id/1041301

.. / CVE-2018-2894 if(localStorage["style"]=="true"){ document.getElementById('pagestyle').setAttribute('href','/assets/styleDark.css'); document.querySelector('input[type="checkbox"]').checked = true }

Exploit for Oracle WebLogic Server - Remote Code Execution (CVE-2018-2894)

Description:

Nuclei Template

Validate with Nuclei

.. / CVE-2018-2894