漏洞描述
【漏洞对象】涉及版本v10.3.6.0、v12.1.3.0、v12.2.1.0和v12.2.1.1<br>【漏洞描述】<br><br><font>OracleWebLogic Server10.3.6.0,12.1.3.0,12.2.1.0和12.2.1.1版本存在反序列化远程命令执行漏洞,恶意人员可以通过构造恶意请求报文远程执行命令,获取系统权限,存在严重的安全风险。</font>
weblogic-反序列化漏洞(CVE-2017-3248)
PoC代码
暂无相关漏洞推荐
-
CVE-2017-10271: WebLogic XMLDecoder 反序列化漏洞 CVE-2017-10271 POC
2025-09-01 | WebLogic XMLDecoderVulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent - WL... -
CVE-2020-14750: Oracle WebLogic Server - Remote Command Execution POC
2025-09-01 | Oracle WebLogic ServerOracle WebLogic Server 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0 is susceptible ... -
CVE-2020-14883: Oracle Fusion Middleware WebLogic Server Administration Console - Remote Code Execution POC
The Oracle Fusion Middleware WebLogic Server admin console in versions 10.3.6.0.0, 12.1.3.0.0, 12.2.... -
CVE-2017-1000028: GlassFish LFI POC
2025-09-01 | GlassFishGlassFish是一款强健的商业兼容应用服务器,达到产品级质量,可免费用于开发、部署和重新分发。开发者可以免费获得源代码,还可以对代码进行更改。GlassFish漏洞成因:java语义中会把&quo... -
CVE-2017-1000486: Primetek Primefaces 5.x - Remote Code Execution POC
2025-09-01 | Primetek PrimefacesPrimetek Primefaces 5.x is vulnerable to a weak encryption flaw resulting in remote code execution.