Oracle Weblogic PreAuth Remote Command Execution

Oracle Weblogic versions 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0 prior to the Jan 2023 security update are vulnerable to an unauthenticated remote code execution vulnerability due to a post deserialization vulnerability. This Metasploit module exploits this vulnerability to trigger the JNDI connection to a LDAP server you control. The LDAP server will then respond with a remote reference response that points to a HTTP server that you control, where the malicious Java class file will be hosted. Oracle Weblogic will then make …

1.0.0 1.1.0 code code execution command control deserialization exploits jndi ldap metasploit oracle remote code remote code execution respond security security update server trigger update vulnerability vulnerable weblogic