You must Register or Sign in to your Cyware account to perform this action
×Once you are logged in, you will be able to:
Customize your feeds by selecting categories you like
Comment on or Like an article
Receive the latest security stories, trends, and insights in your inbox
Build your profile and login across multiple devices
Bookmark a story and read it later
- Home
- Hacker News
- Malware and Vulnerabilities
- New zero-day RCE flaw discovered in Oracle WebLogic servers

New zero-day RCE flaw discovered in Oracle WebLogic servers
New zero-day RCE flaw discovered in Oracle WebLogic servers- April 26, 2019
- |
- Malware and Vulnerabilities
/https://cystory-images.s3.amazonaws.com/shutterstock_439056304.jpg)
- The flaw is tracked as a remote execution flaw and was first spotted on April 21, 2019.
- The vulnerability can allow a hacker to take over the targeted systems by remotely executing commands without authorization.
A new zero-day flaw impacting Oracle WebLogic servers has been spotted in the wild. The flaw is tracked as a remote execution flaw and was first spotted on April 21, 2019.
The big picture - In a report, researchers from a Chinese cybersecurity firm KnownSec 404 revealed that the attackers are leveraging the zero-day RCE flaw to target Oracle WebLogic server running the WLS9_ASYNC and WLS-WSAT components. The vulnerability can allow a hacker to take over the targeted systems by remotely executing commands without authorization.
“Oracle WebLogic wls9_async and wls-wsat components trigger deserialization remote command execution vulnerability. This vulnerability affects all Weblogic versions (including the latest version) that have the wls9_async_response.war and wls-wsat.war components enabled,” KnownSec 404 researcher wrote in a blog post.
Why is Oracle WebLogic server a lucrative target - Over the past few years, attackers have been targeting Oracle WebLogic servers to conduct cryptomining operations.
For example, a hacker group made over $226,000 worth of Monero in late 2017 by exploiting CVE-2017-10271 in Oracle WebLogic servers.
In addition, as the servers are often deployed in enterprise settings and connected to other enterprise systems, the WebLogic servers could also be exploited to steal sensitive data.
Get such articles in your inbox
News
-
Previous News New Emotet trojan variant uses different POST-infection traffic to infect users
- April 26, 2019
- |
- Malware and Vulnerabilities
-
Next News Ransomware attack hits Cleveland Airport crippling email services and information screens
- April 26, 2019
- |
- Breaches and Incidents
Popular News
Related News
-
Unsupported D-Link routers vulnerable to RCE flaws
- October 29, 2019
- |
- Malware and Vulnerabilities
Categories
Get such articles in your inbox
News
-
Previous News New Emotet trojan variant uses different POST-infection traffic to infect users
- April 26, 2019
- |
- Malware and Vulnerabilities
-
Next News Ransomware attack hits Cleveland Airport crippling email services and information screens
- April 26, 2019
- |
- Breaches and Incidents
Popular News
Related News
-
Unsupported D-Link routers vulnerable to RCE flaws
- October 29, 2019
- |
- Malware and Vulnerabilities
Categories
