Oracle Weblogic Server Deserialization MarshalledObject Remote Code Execution

Discussion in 'News Aggregator' started by Packet Storm, 2 Apr 2019.

  1. Packet Storm

    Packet Storm Guest

    An unauthenticated attacker with network access to the Oracle Weblogic Server T3 interface can send a serialized object (weblogic.corba.utils.MarshalledObject) to the interface to execute code on vulnerable hosts.

    Continue reading...
     
    #1 Packet Storm, 2 Apr 2019
(You must log in or sign up to post here.)

Share This Page

Loading...