ATTACK [PTsecurity] Oracle Weblogic unauth RCE (CVE-2020-14882)
Sourceptrules/open
Fileptopen-attacks.rules
CreatedJuly 24, 2025
UpdatedJuly 24, 2025
Classificationattempted-admin
alert http any any -> any any (msg:"ATTACK [PTsecurity] Oracle Weblogic unauth RCE (CVE-2020-14882)"; flow:established, to_server ; content:"%252E%252E"; http_raw_uri; http.uri; content:"console.portal"; http.request_body; content:"tangosol"; content:"coherence"; distance:0; content:"ShellSession"; distance:0; reference:url, twitter.com/jas502n/status/1321416053050667009 ; reference:url, testbnull.medium.com/weblogic-rce-by-only-one-get-request-cve-2020-14882-analysis-6e4b09981dbf ; reference:cve, 2020-14882 ; reference:url, rules.ptsecurity.com ; classtype:attempted-admin; sid:10006254; rev:2;)
References
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!