7.5
CVSSv2

CVE-2018-2894

Published: 18/07/2018 Updated: 03/10/2019
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 684
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). Supported versions that are affected are 12.1.3.0, 12.2.1.2 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Vulnerability Trend

Affected Products

Vendor Product Versions
OracleWeblogic Server10.3.6.0.0, 12.1.3.0.0, 12.2.1.2.0, 12.2.1.3

Vendor Advisories

Oracle Critical Patch Update Advisory - July 2018 Description A Critical Patch Update is a collection of patches for multiple security vulnerabilities Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous C ...

Github Repositories

CVE-2018-2894 CVE-2018-2894 (WebLogic 未授权访问致任意文件上传/RCE漏洞) 检查脚本

Weblogic CVE-2018-2894 CVE-2018-2894 0x01 前言 Oracle 7月更新中,修复了Weblogic Web Service Test Page中一处任意文件上传漏洞,Web Service Test Page 在“生产模式”下默认不开启,所以该漏洞有一定限制, 利用该漏洞,可以上传任意jsp文件,进而获取服务器权限。 0x02 漏洞环境 Ubuntu 1604 githubco

Weblogic任意文件上传漏洞(CVE-2018-2894) 最近大家都在说这个漏洞,大家都注意到configdo这里发生了问题,但是其实根据 mpweixinqqcom/s/y5JGmM-aNaHcs_6P9a-gRQ 这里的信息,begindo也是有问题。少扯淡,下面给出具体利用方法: 问题就出现下下面这个页面。 上传时候,修改name的值就可以

Toy-Box A toy box to save my python3 code toys Toys List RFC search RFC documents downloads tool zipPwn zip password crack tool SDscan sub-domain scan tool http_options_scan Dangerous HTTP options (PUT, MOVE) detection on the 80 or 443 port of the web server CVE-2018-9995_PoC Get TBK DVR uid and pwd CVE-2018-4407_PoC Crash iOS and OS X devices CVE-2015

软件作者:Tide_RabbitMask 免责声明:Pia!(o ‵-′)ノ”(ノ﹏<。) 本工具仅用于安全测试,请勿用于非法使用,要乖哦~ V22简介: 提供weblogic批量检测功能,收录几乎全部weblogic历史漏洞。 【没有遇到过weblogic批量检测工具的小朋友举起你的爪爪!】 PS: 综上:V2*系列不是V1*

软件作者:Tide_RabbitMask 免责声明:Pia!(o ‵-′)ノ”(ノ﹏<。) 本工具仅用于安全测试,请勿用于非法使用,要乖哦~ V22简介: 提供weblogic批量检测功能,收录几乎全部weblogic历史漏洞。 【没有遇到过weblogic批量检测工具的小朋友举起你的爪爪!】 PS: 综上:V2*系列不是V1*

WeblogicScan Weblogic一键漏洞检测工具,V13 软件作者:Tide_RabbitMask 免责声明:Pia!(o ‵-′)ノ”(ノ﹏<。) 本工具仅用于安全测试,请勿用于非法使用,要乖哦~ V 13功能介绍: 提供一键poc检测,收录几乎全部weblogic历史漏洞。 详情如下: #控制台路径泄露 Console #SSR

WeblogicScan Weblogic一键漏洞检测工具,V13 软件作者:Tide_RabbitMask 免责声明:Pia!(o ‵-′)ノ”(ノ﹏<。) 本工具仅用于安全测试,请勿用于非法使用,要乖哦~ V 13功能介绍: 提供一键poc检测,收录几乎全部weblogic历史漏洞。 详情如下: #控制台路径泄露 Console #SSR

WeblogicScan Weblogic一键漏洞检测工具,V13 软件作者:Tide_RabbitMask 免责声明:Pia!(o ‵-′)ノ”(ノ﹏<。) 本工具仅用于安全测试,请勿用于非法使用,要乖哦~ V 13功能介绍: 提供一键poc检测,收录几乎全部weblogic历史漏洞。 详情如下: #控制台路径泄露 Console #SSR

我的漏洞复现记录(持续更新中) CVE-NO STATUS RESULT REFERENCE 中间件漏洞 Tomcat 7086 CVE-2016-5003 FINISH FAIL 0ang3elblogspotru/2016/07/beware-of-ws-xmlrpc-library-in-yourhtml CVE-2016-5002 FINISH PASS 0ang3elblogspotru/2016/07/beware-of-ws-xmlrpc-library-in-yourhtml 8036 CVE-2016-8735 FINISH PASS gv7me/articles

WeblogicScan 增强版WeblogicScan 从rabbitmask大佬的WeblogicScan V12 版本修改而来。 修改前源项目地址:githubcom/rabbitmask/WeblogicScan DEFF 支持Python3 修复漏洞检测误报,漏洞检测结果更精确 添加CVE-2019-2729, CVE-2019-2618漏洞检测 插件化漏洞扫描组件 添加彩色打印 INSTALL pip3 install -r requirementstxt

Payloads All The Things A list of useful payloads and bypasses for Web Application Security Feel free to improve with your payloads and techniques ! I <3 pull requests :) You can also contribute with a beer IRL or with buymeacoffeecom Every section contains the following files, you can use the _template_vuln folder to create a new chapter: READMEmd - vulnerability d

Payloads All The Things A list of useful payloads and bypasses for Web Application Security Feel free to improve with your payloads and techniques ! I pull requests :) You can also contribute with a IRL or with buymeacoffeecom Every section contains the following files, you can use the _template_vuln folder to create a new chapter: READMEmd - vulnerability description an

Payloads All The Things A list of useful payloads and bypasses for Web Application Security Feel free to improve with your payloads and techniques ! I <3 pull requests :) You can also contribute with a beer IRL or with buymeacoffeecom Every section contains: READMEmd - vulnerability description and how to exploit it Intruders - a set of files to give to Burp Intrude

Payloads All The Things A list of useful payloads and bypasses for Web Application Security Feel free to improve with your payloads and techniques ! I <3 pull requests :) You can also contribute with a beer IRL or with buymeacoffeecom Every section contains: READMEmd - vulnerability description and how to exploit it Intruders - a set of files to give to Burp Intrude

Payloads All The Things A list of useful payloads and bypasses for Web Application Security Feel free to improve with your payloads and techniques ! I <3 pull requests :) You can also contribute with a beer IRL or with buymeacoffeecom Every section contains the following files, you can use the _template_vuln folder to create a new chapter: READMEmd - vulnerability d

Payloads All The Things A list of useful payloads and bypasses for Web Application Security Feel free to improve with your payloads and techniques ! I <3 pull requests :) You can also contribute with a beer IRL or with buymeacoffeecom Every section contains the following files, you can use the _template_vuln folder to create a new chapter: READMEmd - vulnerability d

Payloads All The Things A list of useful payloads and bypasses for Web Application Security Feel free to improve with your payloads and techniques ! I <3 pull requests :) You can also contribute with a beer IRL or with buymeacoffeecom Every section contains the following files, you can use the _template_vuln folder to create a new chapter: READMEmd - vulnerability d

List of payloads and methodologies for CTF/pentesting/websec

Payloads All The Things A list of useful payloads and bypasses for Web Application Security Feel free to improve with your payloads and techniques ! I pull requests :) You can also contribute with a IRL or with buymeacoffeecom Every section contains the following files, you can use the _template_vuln folder to create a new chapter: READMEmd - vulnerability description an

Payloads All The Things A list of useful payloads and bypasses for Web Application Security Feel free to improve with your payloads and techniques ! I pull requests :) You can also contribute with a IRL Every section contains the following files, you can use the _template_vuln folder to create a new chapter: READMEmd - vulnerability description and how to exploit it Intrud

Payloads_All_The_Things A list of useful payloads and bypasses for Web Application Security Feel free to improve with your payloads and techniques ! I <3 pull requests :) You can also contribute with a beer IRL or with buymeacoffeecom Every section contains the following files, you can use the _template_vuln folder to create a new chapter: READMEmd - vulnerability d

Payloads All The Things A list of useful payloads and bypasses for Web Application Security Feel free to improve with your payloads and techniques ! I pull requests :) You can also contribute with a beer IRL or with buymeacoffeecom Every section contains the following files, you can use the _template_vuln folder to create a new chapter: READMEmd - vulnerability descriptio

PayloadsAllTheThings_bak

No description, website, or topics provided.

LDAPi: add scripts and dorks

No description, website, or topics provided.

LDAPi: add scripts and dorks

抓取 Weblogic 等 Oracle 组件的历史漏洞信息

红方人员作战执行手册

红方人员作战执行手册

Jok3r v3 beta Network & Web Pentest Automation Framework wwwjok3r-frameworkcomWARNING: Project is still in version 3 BETA It is still under active development and bugs might be present Many tests are going on: see githubcom/koutto/jok3r/blob/master/tests/TESTSrst Ideas, bug reports, contributions are welcome ! Overview Features Demos Architecture

gocarts(go-CERT-alerts-summarizer) gocarts checks alerts of X-CERT (eg JPCERT, US-CERT) This project refers to knqyf263/gost Abstract gocarts is written in Go, and therefore you can just grab the binary releases and drop it in your $PATH gocarts summarizes alerts by CVE ID You can search alert's detail by CVE ID Main features gocarts has the following features S

Awesome Stars A curated list of my GitHub stars! Generated by starred Contents ASP Arduino Assembly AutoHotkey AutoIt Batchfile C C# C++ CSS CoffeeScript Dockerfile Emacs Lisp Erlang Game Maker Language Go HTML Haskell Java JavaScript Jupyter Notebook KiCad Kotlin Logos Lua M Makefile Markdown Mask Max Nginx Objective-C Objective-C++ Others PHP PLpgSQL Pascal Perl PostScri

项目简介 信息收集、攻击尝试获得权限、持久性控制、权限提升、网络信息收集、横向移动、数据分析(在这个基础上再做持久化控制)、擦痕迹。 address | introduce | -|-|- 名字 | 介绍 | 安全相关资源列表 arxivorg 康奈尔大学(Cornell University)开放文档 githubcom/sindresorhus/awesome

项目简介 信息收集、攻击尝试获得权限、持久性控制、权限提升、网络信息收集、横向移动、数据分析(在这个基础上再做持久化控制)、擦痕迹。 安全相关资源列表 arxivorg 康奈尔大学(Cornell University)开放文档 githubcom/sindresorhus/awesome awesome系列 wwwowasporgcn/owasp-pr

Awesome CVE PoC A curated list of CVE PoCs Here is a collection about Proof of Concepts of Common Vulnerabilities and Exposures, and you may also want to check out awesome-web-security Please read the contribution guidelines before contributing This repo is full of PoCs for CVEs If you enjoy this awesome list and would like to support it, check out my Patreon page :

Recent Articles

So long and thanks for all the fixes: ERPScan left out of credits on Oracle bug-bash list
The Register • John Leyden • 18 Jul 2018

App security firm sanctioned in US over ties with Russia

Oracle fixed 17 flaws in its products found by ERPScan researchers without acknowledging the application security firm, which was recently and controversially sanctioned in the US.
ERPScan said vulnerabilities it uncovered affect six different business applications. Left unpatched, they potentially allow attackers access to sensitive business data. The bugs range from remote code execution and cross-site scripting to authentication bypass and memory corruption.
The flaws spotted by E...