CVE-2017-10271
0xhunster opened this issue · comments
CVE-2017-10271
Description
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Security). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0 and 12.2.1.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).
POC
Reference
No PoCs from references.
Github
- https://github.com/0day666/Vulnerability-verification
- https://github.com/0x0d3ad/Kn0ck
- https://github.com/0xh4di/PayloadsAllTheThings
- https://github.com/0xn0ne/weblogicScanner
- https://github.com/1120362990/vulnerability-list
- https://github.com/1337g/CVE-2017-10271
- https://github.com/3vikram/Application-Vulnerabilities-Payloads
- https://github.com/7kbstorm/WebLogic_CNVD_C2019_48814
- https://github.com/84KaliPleXon3/Payloads_All_The_Things
- https://github.com/ARPSyndicate/kenzer-templates
- https://github.com/AidoWedo/Awesome-Honeypots
- https://github.com/Al1ex/CVE-2017-10271
- https://github.com/Amar224/Pentest-Tools
- https://github.com/AnonVulc/Pentest-Tools
- https://github.com/Bywalks/WeblogicScan
- https://github.com/CLincat/vulcat
- https://github.com/Cymmetria/weblogic_honeypot
- https://github.com/Delishsploits/PayloadsAndMethodology
- https://github.com/DynamicDesignz/Alien-Framework
- https://github.com/ETOCheney/JavaDeserialization
- https://github.com/Elsfa7-110/kenzer-templates
- https://github.com/Flerov/WindowsExploitDev
- https://github.com/FoolMitAh/WeblogicScan
- https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet
- https://github.com/GuynnR/Payloads
- https://github.com/Hackinfinity/Honey-Pots-
- https://github.com/JackyTsuuuy/weblogic_wls_rce_poc-exp
- https://github.com/Jean-Francois-C/Windows-Penetration-Testing
- https://github.com/Luffin/CVE-2017-10271
- https://github.com/Micr067/CMS-Hunter
- https://github.com/Muhammd/Awesome-Payloads
- https://github.com/Nieuport/-awesome-honeypots-
- https://github.com/Nieuport/PayloadsAllTheThings
- https://github.com/Ondrik8/-Security
- https://github.com/PalindromeLabs/Java-Deserialization-CVEs
- https://github.com/ParrotSec-CN/ParrotSecCN_Community_QQbot
- https://github.com/Pasyware/Honeypot_Projects
- https://github.com/Pav-ksd-pl/PayloadsAllTheThings
- https://github.com/Prodject/Kn0ck
- https://github.com/R0B1NL1N/Oracle-WebLogic-WLS-WSAT
- https://github.com/Ra7mo0on/PayloadsAllTheThings
- https://github.com/S3cur3Th1sSh1t/Pentest-Tools
- https://github.com/SecWiki/CMS-Hunter
- https://github.com/SexyBeast233/SecBooks
- https://github.com/SkyBlueEternal/CNVD-C-2019-48814-CNNVD-201904-961
- https://github.com/SuperHacker-liuan/cve-2017-10271-poc
- https://github.com/Threekiii/Awesome-POC
- https://github.com/Threekiii/Vulhub-Reproduce
- https://github.com/Weik1/Artillery
- https://github.com/WingsSec/Meppo
- https://github.com/XHSecurity/Oracle-WebLogic-CVE-2017-10271
- https://github.com/XPR1M3/Payloads_All_The_Things
- https://github.com/Yuusuke4/WebLogic_CNVD_C_2019_48814
- https://github.com/ZH3FENG/PoCs-Weblogic_2017_10271
- https://github.com/amcai/myscan
- https://github.com/andrysec/PayloadsAllVulnerability
- https://github.com/anhtu97/PayloadAllEverything
- https://github.com/apkadmin/PayLoadsAll
- https://github.com/awake1t/Awesome-hacking-tools
- https://github.com/awsassets/weblogic_exploit
- https://github.com/bigblackhat/oFx
- https://github.com/bigsizeme/weblogic-XMLDecoder
- https://github.com/birdhan/Security_Product
- https://github.com/bmcculley/CVE-2017-10271
- https://github.com/c0mmand3rOpSec/CVE-2017-10271
- https://github.com/chanchalpatra/payload
- https://github.com/cjjduck/weblogic_wls_wsat_rce
- https://github.com/cqkenuo/Weblogic-scan
- https://github.com/cranelab/exploit-development
- https://github.com/cross2to/betaseclab_tools
- https://github.com/cved-sources/cve-2017-10271
- https://github.com/diggid4ever/Weblogic-XMLDecoder-POC
- https://github.com/do0dl3/myhktools
- https://github.com/dr0op/WeblogicScan
- https://github.com/eric-erki/awesome-honeypots
- https://github.com/falocab/PayloadsAllTheThings
- https://github.com/fengjixuchui/RedTeamer
- https://github.com/forhub2021/weblogicScanner
- https://github.com/hack-parthsharma/Pentest-Tools
- https://github.com/hanc00l/some_pocsuite
- https://github.com/hellochunqiu/PayloadsAllTheThings
- https://github.com/hktalent/TOP
- https://github.com/hktalent/myhktools
- https://github.com/hmoytx/weblogicscan
- https://github.com/ianxtianxt/-CVE-2017-10271-
- https://github.com/iqrok/myhktools
- https://github.com/jas502n/CNVD-C-2019-48814
- https://github.com/jas502n/cve-2019-2618
- https://github.com/jiangsir404/POC-S
- https://github.com/jinhaozcp/weblogic
- https://github.com/jstang9527/gofor
- https://github.com/kbsec/Weblogic_Wsat_RCE
- https://github.com/kingkaki/weblogic-scan
- https://github.com/kkirsche/CVE-2017-10271
- https://github.com/klausware/Java-Deserialization-Cheat-Sheet
- https://github.com/koutto/jok3r-pocs
- https://github.com/ksw9722/PayloadsAllTheThings
- https://github.com/langu-xyz/JavaVulnMap
- https://github.com/lonehand/Oracle-WebLogic-CVE-2017-10271-master
- https://github.com/lp008/Hack-readme
- https://github.com/m1dsummer/AD-2021
- https://github.com/maya6/-scan-
- https://github.com/merlinepedra/Pentest-Tools
- https://github.com/merlinepedra25/Pentest-Tools
- https://github.com/merlinepedra25/Pentest-Tools-1
- https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet
- https://github.com/mrhacker51/ReverseShellCommands
- https://github.com/nevidimk0/PayloadsAllTheThings
- https://github.com/nihaohello/N-MiddlewareScan
- https://github.com/nitishbadole/Pentest_Tools
- https://github.com/oneplus-x/Sn1per
- https://github.com/oneplus-x/jok3r
- https://github.com/openx-org/BLEN
- https://github.com/p1ay8y3ar/cve_monitor
- https://github.com/papa-anniekey/CustomSignatures
- https://github.com/paralax/awesome-honeypots
- https://github.com/password520/RedTeamer
- https://github.com/pathakabhi24/Pentest-Tools
- https://github.com/paulveillard/cybersecurity-exploit-development
- https://github.com/paulveillard/cybersecurity-honeypots
- https://github.com/peterpeter228/Oracle-WebLogic-CVE-2017-10271
- https://github.com/pimps/CVE-2019-2725
- https://github.com/pizza-power/weblogic-CVE-2019-2729-POC
- https://github.com/pjgmonteiro/Pentest-tools
- https://github.com/pssss/CVE-2017-10271
- https://github.com/pwnagelabs/VEF
- https://github.com/qazbnm456/awesome-cve-poc
- https://github.com/qince1455373819/awesome-honeypots
- https://github.com/r0eXpeR/redteam_vul
- https://github.com/r4b3rt/CVE-2017-10271
- https://github.com/rambleZzz/weblogic_CVE_2017_10271
- https://github.com/ranjan-prp/PayloadsAllTheThings
- https://github.com/ravijainpro/payloads_xss
- https://github.com/retr0-13/Pentest-Tools
- https://github.com/rockmelodies/rocComExpRce
- https://github.com/s3xy/CVE-2017-10271
- https://github.com/safe6Sec/WeblogicVuln
- https://github.com/safe6Sec/wlsEnv
- https://github.com/sankitanitdgp/san_honeypot_resources
- https://github.com/seruling/weblogic-wsat-scan
- https://github.com/severnake/Pentest-Tools
- https://github.com/shack2/javaserializetools
- https://github.com/skytina/CNVD-C-2019-48814-COMMON
- https://github.com/sobinge/--1
- https://github.com/sobinge/PayloadsAllTheThings
- https://github.com/sobinge/PayloadsAllThesobinge
- https://github.com/sobinge/nuclei-templates
- https://github.com/soosmile/cms-V
- https://github.com/sp4zcmd/WeblogicExploit-GUI
- https://github.com/superfish9/pt
- https://github.com/svbjdbk123/-
- https://github.com/tdcoming/Vulnerability-engine
- https://github.com/testwc/CVE-2017-10271
- https://github.com/theyoge/AD-Pentesting-Tools
- https://github.com/tomoyamachi/gocarts
- https://github.com/unusualwork/Sn1per
- https://github.com/winterwolf32/PayloadsAllTheThings
- https://github.com/wisoez/Awesome-honeypots
- https://github.com/xbl3/awesome-cve-poc_qazbnm456
- https://github.com/yaklang/vulinone
- https://github.com/yige666/CMS-Hunter
- https://github.com/zema1/oracle-vuln-crawler
- https://github.com/zyylhn/zscan-poc-check
- https://github.com/zzwlpx/weblogic
- https://github.com/1337g/CVE-2017-10271
- https://github.com/XHSecurity/Oracle-WebLogic-CVE-2017-10271
- https://github.com/bmcculley/CVE-2017-10271
- https://github.com/lonehand/Oracle-WebLogic-CVE-2017-10271-master
- https://github.com/peterpeter228/Oracle-WebLogic-CVE-2017-10271