漏洞描述
WebLogic Server 是一个适用于云环境和传统环境的应用服务器组件。WebLogic uddiexplorer 存在服务端请求伪造漏洞(CVE-2014-4210),攻击者可以通过该漏洞发送伪造请求,探测内网敏感信息或攻击内网服务器。
Weblogic uddiexplorer 服务端请求伪造漏洞(CVE-2014-4210)
PoC代码
暂无相关漏洞推荐
- weblogic-ssrf: weblogic ssrf
- POC CVE-2014-4210: Oracle Weblogic - Server-Side Request Forgery
- POC CVE-2017-10271: Oracle WebLogic Server - Remote Command Execution
- POC CVE-2017-3506: Oracle Fusion Middleware Weblogic Server - Remote OS Command Execution
- POC CVE-2018-2894: Oracle WebLogic Server - Remote Code Execution
- POC CVE-2019-2725: Oracle WebLogic Server - Remote Command Execution
- POC CVE-2019-2729: Oracle WebLogic Server Administration Console - Remote Code Execution
- POC CVE-2020-14750: Oracle WebLogic Server - Remote Command Execution
- POC CVE-2020-14882: Oracle Weblogic Server - Remote Command Execution
- POC CVE-2020-14883: Oracle Fusion Middleware WebLogic Server Administration Console - Remote Code Execution
- POC CVE-2020-2551: Oracle WebLogic Server - Remote Code Execution
- POC CVE-2022-21371: Oracle WebLogic Server Local File Inclusion
- POC CVE-2016-3510: Oracle WebLogic Server Java Object Deserialization - Remote Code Execution