ATTACK [PTsecurity] Oracle Weblogic unauth RCE (CVE-2020-14882)

SID: 10006254Rev: 2Enabled68 views
Fileptopen-attacks.rules
CreatedJuly 24, 2025
UpdatedJuly 24, 2025
Classificationattempted-admin
alert http any any -> any any (msg:"ATTACK [PTsecurity] Oracle Weblogic unauth RCE (CVE-2020-14882)"; flow:established, to_server; content:"%252E%252E"; http_raw_uri; http.uri; content:"console.portal"; http.request_body; content:"tangosol"; content:"coherence"; distance:0; content:"ShellSession"; distance:0; reference:url, twitter.com/jas502n/status/1321416053050667009; reference:url, testbnull.medium.com/weblogic-rce-by-only-one-get-request-cve-2020-14882-analysis-6e4b09981dbf; reference:cve, 2020-14882; reference:url, rules.ptsecurity.com; classtype:attempted-admin; sid:10006254; rev:2;)

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!