Exploit for #VU9815 Denial of service in Oracle WebLogic Server

Published: 2020-03-18 | Updated: 2021-06-17

Vulnerability identifier: #VU9815

Vulnerability risk: Low

CVSSv4.0: 8.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:A/U:Clear]

CVE-ID: CVE-2017-10271

CWE-ID: CWE-284

Exploitation vector: Network

Exploits in database: 16

June 17, 2021
- Oracle WebLogic - wls-wsat Component Deserialization Remote Code Execution (Metasploit) [Exploit-DB]
- Oracle WebLogic < 10.3.6 - 'wls-wsat' Component Deserialisation Remote Command Execution [Exploit-DB]
- Oracle WebLogic Server 10.3.6.0.0 / 12.x - Remote Command Execution [Exploit-DB]
April 12, 2021
- cve-exploits () [Github]
April 7, 2020
- exphub (Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本，最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340) [Github]
- Exploits (Containing Self Made Perl Reproducers / PoC Codes) [Github]
March 18, 2020

Vulnerable software:
Oracle WebLogic Server
Server applications / Application servers

Vendor: Oracle