module
Oracle Weblogic Server Deserialization RCE - RMI UnicastRef
| Disclosed |
|---|
| Jan 25, 2017 |
Disclosed
Jan 25, 2017
Description
An unauthenticated attacker with network access to the Oracle Weblogic Server T3
interface can send a serialized object (sun.rmi.server.UnicastRef)
to the interface to execute code on vulnerable hosts.
interface can send a serialized object (sun.rmi.server.UnicastRef)
to the interface to execute code on vulnerable hosts.
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.