CVE-2017-3506CISA KEV: Actively Exploited

Oracle WebLogic Server OS Command Injection Vulnerability

Published Jun 3, 2024·Updated Jun 3, 2024

Description

Oracle WebLogic Server, a product within the Fusion Middleware suite, contains an OS command injection vulnerability that allows an attacker to execute arbitrary code via a specially crafted HTTP request that includes a malicious XML document.

Public Exploits & PoCs2 found

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free