Oracle Weblogic Server Deserialization RMI UnicastRef Remote Code Execution

Discussion in 'News Aggregator' started by Packet Storm, 3 Apr 2019.

  1. Packet Storm

    Packet Storm Guest

    An unauthenticated attacker with network access to the Oracle Weblogic Server T3 interface can send a serialized object (sun.rmi.server.UnicastRef) to the interface to execute code on vulnerable hosts.

    Continue reading...
     
    #1 Packet Storm, 3 Apr 2019
(You must log in or sign up to post here.)

Share This Page

Loading...