ATTACK [PTsecurity] Oracle Weblogic unauth RCE (CVE-2020-14882)

SID: 10006254Rev: 114 views

Sourceptresearch/attackdetection

CreatedDecember 13, 2021

UpdatedDecember 13, 2021

Classificationattempted-admin

alert http any any -> any any (msg:"ATTACK [PTsecurity] Oracle Weblogic unauth RCE (CVE-2020-14882)"; flow:established, to_server; content:"%252E%252E"; http_raw_uri; content:"console.portal"; http_uri; content:"tangosol"; content:"coherence"; distance:0; content:"ShellSession"; distance:0; reference:url, twitter.com/jas502n/status/1321416053050667009; reference:url, testbnull.medium.com/weblogic-rce-by-only-one-get-request-cve-2020-14882-analysis-6e4b09981dbf; reference:url, github.com/ptresearch/AttackDetection; reference:cve, 2020-14882; classtype:attempted-admin; sid:10006254; rev:1;)

References

url	twitter.com/jas502n/status/1321416053050667009
url	testbnull.medium.com/weblogic-rce-by-only-one-get-request-cve-2020-14882-analysis-6e4b09981dbf
url	github.com/ptresearch/AttackDetection
cve	2020-14882

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!