Search the Community
Showing results for tags 'weblogic'.
-
This Metasploit module abuses a feature in WebLogic Server's Administration Console to install a malicious Java application in order to gain remote code execution. Authentication is required, however by default, Oracle ships with a "oats" account that you could log in with, which grants you administrator access. View the full article
-
- console
- administration
-
(and 8 more)
Tagged with:
-
An unauthenticated attacker with network access to the Oracle Weblogic Server T3 interface can send a serialized object (sun.rmi.server.UnicastRef) to the interface to execute code on vulnerable hosts. View the full article
-
- oracle
- deserialization
-
(and 7 more)
Tagged with: