
CVE-2020-2551

Description

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: WLS Core Components). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

NVD
Severity: CRITICAL
CVE ID: CVE-2020-2551
CVSS Score: 9.8
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Oracle
Severity: CRITICAL
CVE ID: CVE-2020-2551
CVSS Score: 9.8
CVSS Metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Reference: NVD, MITRE

Proof Of Concept

Nuclei Templates for CVE-2020-2551
0xn0ne

WebLogic vulnerability scanning tool. It currently includes detection for the following vulnerabilities: CVE-2014-4210, CVE-2016-0638, CVE-2016-3510, CVE-2017-3248, CVE-2017-3506, CVE-2017-10271, CVE-2018-2628, CVE-2018-2893, CVE-2018-2894, CVE-2018-3191, CVE-2018-3245, CVE-2018-3252, CVE-2019-2618, CVE-2019-2725, CVE-2019-2729, CVE-2019-2890, CVE-2020-2551, CVE-2020-14750, CVE-2020-14882, CVE-2020-14883

Reference: GitHub

jas502n

Weblogic RCE with IIOP

Reference: GitHub

hktalent

how detect CVE-2020-2551 poc exploit python Weblogic RCE with IIOP

Reference: GitHub

Y4er

Weblogic IIOP CVE-2020-2551

Reference: GitHub

zzwlpx

Weblogic Vuln POC EXP cve-2020-2551 cve-2020-2555 cve-2020-2883, ...

Reference: GitHub

Dido1960

CVE-2020-2551 POC to use in Internet

Reference: GitHub

DaMinGshidashi

Use shell to build weblogic debug environment for CVE-2020-2551

Reference: GitHub

LTiDi2000

Reference: GitHub

0xAbbarhSF

CVE-2020-2551 Exploiter

Reference: GitHub

Content on GitHub

zhzyker | watchers:4026

exphub
Exphub [exploit script library], including exploit scripts for Weblogic, Struts2, Tomcat, Nexus, Solr, Jboss and Drupal. Most recently added: CVE-2020-14882, CVE-2020-11444, CVE-2020-10204, CVE-2020-10199, CVE-2020-1938, CVE-2020-2551, CVE-2020-2555, CVE-2020-2883, CVE-2019-17558, CVE-2019-6340

Reference: GitHub

Ko-kn3t | watchers:3

CVE-2020-25515
Unrestricted File Upload in Simple Library Management System 1.0

Reference: GitHub

DSO-Lab | watchers:83

defvul
A collection of DSO-Lab vulnerability research results

Reference: GitHub

5l1v3r1 | watchers:0

CVE-2020-2553
CVE-2020-2551

Reference: GitHub

Ko-kn3t | watchers:0

CVE-2020-25514
Login Bypass in Simple Library Management System 1.0

Reference: GitHub