Oracle WebLogic Server, Remote Code Execution, CVE-2020-14882 (Critical)

Listen to this Post

The CVE-2020-14882 vulnerability is an access control bypass flaw within the Oracle WebLogic Server console component. The vulnerability exists due to improper input validation and authorization checks on incoming HTTP requests for specific URL patterns. An attacker can craft a specially crafted HTTP GET request that targets specific, unauthorized endpoints. This request manipulates the URL path to bypass multiple layers of access control security. By appending certain characters and paths to the `/console/` endpoint, the attacker can trick the server into misrouting the request. This misrouting allows the request to reach administrative POST handlers that are normally protected. Since these handlers are now accessed via a GET request, they execute their functions without performing the required authorization checks. This flaw enables an unauthenticated attacker with network access to the WebLogic console to achieve complete takeover, resulting in remote code execution with high privileges on the underlying host.
Platform: Oracle WebLogic Server
Version: 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0, 14.1.1.0.0

Vulnerability : Access Control Bypass

Severity: Critical

date: 2020-10-20

Prediction: 2020-10-20

What Undercode Say:

`curl -v http://target:7001/console/images/%252E%252E%252Fconsole.portal`

`nmap -p7001 –script weblogic-cve-2020-14882 </h2>
<h2 style="color: blue;">
GET /console/css/%252e%252e%252fconsole.portal HTTP/1.1`

How Exploit:

Crafted GET request bypasses authentication.

Protection from this CVE

Apply Oracle CPU Oct 2020.

Impact:

Remote Code Execution.

🎯Let’s Practice Exploiting & Learn Patching For Free:

Sources:

Reported By: nvd.nist.gov
Extra Source Hub:
Undercode

🔐JOIN OUR CYBER WORLD [ CVE News • HackMonitor • UndercodeNews ]

💬 Whatsapp | 💬 Telegram

📢 Follow DailyCVE & Stay Tuned:

𝕏 formerly Twitter 🐦 | @ Threads | 🔗 Linkedin Featured Image

Scroll to Top