CVE-2018-2628

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are...

Basic Information

CVE State: PUBLISHED
Reserved Date: December 15, 2017
Published Date: April 19, 2018
Last Updated: October 03, 2024
Vendor: Oracle Corporation
Product: WebLogic Server
Description: Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.2 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

CVSS Scores

CVSS v3.1

9.8 - CRITICAL

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

SSVC Information

Exploitation: active
Automatable: Yes
Technical Impact: total

Exploit Status

Exploited in the Wild: Yes (added 2022-09-08 00:00:00 UTC) Source
Proof of Concept Available: Yes (added 2018-04-18 10:50:09 UTC) Source

References

https://github.com/brianwrf/CVE-2018-2628 https://www.exploit-db.com/exploits/44553/ http://www.securityfocus.com/bid/103776 http://www.securitytracker.com/id/1040696 https://www.exploit-db.com/exploits/46513/ http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html https://www.exploit-db.com/exploits/45193/

Known Exploited Vulnerability Information

Source	Added Date
CISA	2022-09-08 00:00:00 UTC

Scanner Integrations

Scanner	URL	Date Detected
Metasploit	https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/misc/weblogic_deserialize.rb	2025-04-29 11:01:25 UTC
Nuclei	https://github.com/projectdiscovery/nuclei-templates/blob/main/network/cves/2018/CVE-2018-2628.yaml	2025-04-26 00:00:00 UTC

Potential Proof of Concepts

Warning: These PoCs have not been tested and could contain malware. Use at your own risk.

weblogic_deserialize

Type: metasploit • Created: Unknown

Metasploit module for CVE-2018-2628

0xMJ/CVE-2018-2628

Type: github • Created: 2019-01-07 11:47:59 UTC • Stars: 12

漏洞利用工具

Lighird/CVE-2018-2628

Type: github • Created: 2018-10-30 03:26:16 UTC • Stars: 9

CVE-2018-2628漏洞工具包

likekabin/CVE-2018-2628

Type: github • Created: 2018-07-02 09:00:34 UTC • Stars: 3

jas502n/CVE-2018-2628

Type: github • Created: 2018-06-05 11:00:40 UTC • Stars: 104

Weblogic 反序列化漏洞(CVE-2018-2628)

Shadowshusky/CVE-2018-2628all

Type: github • Created: 2018-04-20 01:24:17 UTC • Stars: 2

9uest/CVE-2018-2628

Type: github • Created: 2018-04-19 15:56:49 UTC • Stars: 1

victor0013/CVE-2018-2628

Type: github • Created: 2018-04-19 03:19:15 UTC • Stars: 1

CVE-2018-2628

aedoo/CVE-2018-2628-MultiThreading

Type: github • Created: 2018-04-18 17:50:29 UTC • Stars: 15

WebLogic WLS核心组件反序列化漏洞多线程批量检测脚本 CVE-2018-2628-MultiThreading

zjxzjx/CVE-2018-2628-detect

Type: github • Created: 2018-04-18 17:28:44 UTC • Stars: 2

skydarker/CVE-2018-2628

Type: github • Created: 2018-04-18 10:50:09 UTC • Stars: 1

CVE-2018-2628

shengqi158/CVE-2018-2628

Type: github • Created: 2018-04-18 05:41:23 UTC • Stars: 78

CVE-2018-2628 & CVE-2018-2893