Exploit for #VU71318 Improper input validation in Oracle WebLogic Server

Exploit for #VU71318 Improper input validation in Oracle WebLogic Server

Published: 2023-06-09 | Updated: 2024-04-26

Vulnerability identifier: #VU71318

Vulnerability risk: Medium

CVSSv3.1: 7.2 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H/RL:O/RC:C]

CVE-ID: CVE-2023-21839

CWE-ID: CWE-20

Exploitation vector: Network

Exploits in database: 4

April 26, 2024
- CVE-2023-21839 (Weblogic CVE-2023-21839 RCE (无需Java依赖一键RCE)) [Github]
June 27, 2023
- Weblogic-CVE-2023-21839 () [Github]
June 26, 2023
- CVE-2023-21839 (Weblogic CVE-2023-21839 / CVE-2023-21931 / CVE-2023-21979 一键检测) [Github]
June 9, 2023
- Oracle Weblogic PreAuth Remote Command Execution via ForeignOpaqueReference IIOP Deserialization [Metasploit]

Impact: Information disclosure

Vulnerable software:
Oracle WebLogic Server
Server applications / Application servers

Vendor: Oracle