id: CVE-2018-2894 info: name: Oracle WebLogic RCE author: geeknik description: Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. reference: https://blog.detectify.com/2018/11/14/technical-explanation-of-cve-2018-2894-oracle-weblogic-rce/ severity: critical tags: cve,cve2018,oracle,weblogic,rce requests: - method: GET path: - "{{BaseURL}}/ws_utc/config.do" redirects: true matchers: - type: word words: - "* Copyright (c) 2005,2013, Oracle" - "settings" conditon: and