漏洞描述
【漏洞对象】Weblogic<br>【涉及版本】v10.3.6.0v12.1.3.0v12.2.1.3<br>【漏洞描述】<br><br>远程攻击者可利用该漏洞在未授权的情况下发送攻击数据,通过T3协议在WeblogicServer中执行反序列化操作,利用RMI(远程方法调用) 机制的缺陷,通过 JRMP 协议达到执行任意反序列化 payload 的目的。
Weblogic-反序列化远程代码执行漏洞(CVE-2018-3245)
PoC代码
暂无相关漏洞推荐
-
CVE-2017-10271: WebLogic XMLDecoder 反序列化漏洞 CVE-2017-10271 POC
2025-09-01 | WebLogic XMLDecoderVulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent - WL... -
CVE-2020-14750: Oracle WebLogic Server - Remote Command Execution POC
2025-09-01 | Oracle WebLogic ServerOracle WebLogic Server 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0 is susceptible ... -
CVE-2020-14883: Oracle Fusion Middleware WebLogic Server Administration Console - Remote Code Execution POC
The Oracle Fusion Middleware WebLogic Server admin console in versions 10.3.6.0.0, 12.1.3.0.0, 12.2.... -
CVE-2018-1000600: Pre-auth Fully-responded SSRF POC
2025-09-01 | Pre-authA exposure of sensitive information vulnerability exists in Jenkins GitHub Plugin 1.29.1 and earlier... -
CVE-2018-1000861: Jenkins 2.138 Remote Command Execution POC
2025-09-01 | JenkinsA code execution vulnerability exists in the Stapler web framework used by Jenkins 2.153 and earlier...