A team of cybersecurity researchers today published a post warning enterprises of an unpatched, highly critical zero-day vulnerability in the Oracle WebLogic server application that some attackers may already have started exploiting in the wild.
Oracle WebLogic is a scalable, Java-based multi-tier enterprise application server that allows businesses to quickly deploy new products and services in the cloud. It is popular in both cloud and conventional on-premises environments.
Oracle WebLogic reportedly contains a critical deserialisation remote code execution vulnerability affecting all versions of the software. It can be triggered only when the “wls9_async_response.war” and “wls-wsat.war” components are deployed and enabled.
The vulnerability, spotted by researchers from KnownSec 404, allows attackers to remotely execute arbitrary commands on affected servers simply by sending a specially crafted HTTP request, without any authentication.
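Because the flaw is reachable only through the two named components, the first things a defender wants are a way to tell whether those components are exposed and a way to spot requests aimed at them in the access log. The script below is an added example, not code from the article, from KnownSec 404 or from Oracle. It assumes (these details are not stated in the article) that wls9_async_response.war is served under the context path /_async/ and wls-wsat.war under /wls-wsat/, and that the server writes a Common Log Format access log; the log lines in it are constructed for illustration.

```python
"""Exposure check and access-log triage for the WebLogic components named above.

Added example (not the article's, KnownSec's or Oracle's code). Assumptions:
the two components answer under /_async/ and /wls-wsat/, and access.log is
in Common Log Format. SAMPLE_LOG is constructed, not a real capture.
"""
import re
from collections import Counter
from typing import Iterable, List, Optional, Tuple
from urllib.error import HTTPError, URLError
from urllib.request import Request, urlopen

# Context paths assumed for the two components (assumption, see docstring).
EXPOSED_PATHS = ("/_async/", "/wls-wsat/")

# Endpoints a defender can request to see whether the .war files are deployed.
PROBE_PATHS = ("/_async/AsyncResponseService", "/wls-wsat/CoordinatorPortType")

# Common Log Format: client - user [timestamp] "METHOD /path HTTP/x" status bytes
_CLF = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)'
)

# Constructed sample access log: one unrelated GET, one scanner-style GET on
# the async endpoint, two POSTs (the method a crafted SOAP body arrives with),
# one unrelated POST, and a line that does not parse.
SAMPLE_LOG = """\
10.0.0.5 - - [21/Apr/2019:10:12:33 +0000] "GET /console/login/LoginForm.jsp HTTP/1.1" 200 4321
203.0.113.7 - - [21/Apr/2019:10:13:01 +0000] "GET /_async/AsyncResponseService HTTP/1.1" 200 1102
203.0.113.7 - - [21/Apr/2019:10:13:02 +0000] "POST /_async/AsyncResponseService HTTP/1.1" 202 0
203.0.113.7 - - [21/Apr/2019:10:13:05 +0000] "POST /wls-wsat/CoordinatorPortType HTTP/1.1" 500 2210
198.51.100.9 - - [21/Apr/2019:10:14:40 +0000] "POST /app/api/orders HTTP/1.1" 201 88
garbage line that does not parse
"""


def parse_clf(line: str) -> Optional[dict]:
    """Parse one CLF line into its fields; return None for lines that do not match."""
    m = _CLF.match(line)
    return m.groupdict() if m else None


def find_hits(lines: Iterable[str]) -> List[Tuple[str, str, str, str]]:
    """Return (client, method, path, status) for every request under an exposed path.

    GETs are usually scanners checking that the endpoint exists; POSTs are the
    ones that can carry a body to deserialise, so both are worth seeing.
    """
    hits = []
    for line in lines:
        rec = parse_clf(line)
        if rec and rec["path"].startswith(EXPOSED_PATHS):
            hits.append((rec["client"], rec["method"], rec["path"], rec["status"]))
    return hits


def posts_by_client(lines: Iterable[str]) -> Counter:
    """Count POSTs to the exposed paths per client address, for prioritising triage."""
    return Counter(c for c, m, _p, _s in find_hits(lines) if m == "POST")


def probe_urls(base_url: str) -> List[str]:
    """Build the URLs to request when checking whether the components are deployed."""
    return [base_url.rstrip("/") + p for p in PROBE_PATHS]


def component_deployed(url: str, timeout: float = 5.0) -> Optional[bool]:
    """GET one probe URL. Any status other than 404 means the war is deployed.

    Returns None when the host cannot be reached. This is a live network call
    and is only invoked from the __main__ block below.
    """
    try:
        with urlopen(Request(url, method="GET"), timeout=timeout) as resp:
            return resp.status != 404
    except HTTPError as e:
        return e.code != 404
    except URLError:
        return None


if __name__ == "__main__":
    for hit in find_hits(SAMPLE_LOG.splitlines()):
        print("hit:", *hit)
    print("POSTs per client:", dict(posts_by_client(SAMPLE_LOG.splitlines())))
    # Exposure check against a hypothetical host (assumed address, will not resolve here).
    for url in probe_urls("http://weblogic.example.internal:7001"):
        print(url, "->", component_deployed(url))
```

On the constructed sample the triage reports three hits, all from 203.0.113.7, two of them POSTs. Until a patch is available the practical mitigation is to make the probe return 404: remove the two .war files and restart, or deny access to /_async/* and /wls-wsat/* with a URL access policy or at the network edge, then confirm with the probe that the endpoints no longer answer.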