Home / os / winmobile

Oracle Weblogic Server Deserialization Remote Code Execution

Posted on 28 March 2019

This Metasploit module demonstrates that an unauthenticated attacker with network access to the Oracle Weblogic Server T3 interface can send a serialized object (weblogic.jms.common.StreamMessag eImpl) to the interface to execute code on vulnerable hosts.

 

TOP

Malware :

Exploits :