Concerned About Your Business Cyber Security?

(877) 321--7374

WebLogic Exploited in the Wild (Again), (Thu, May 3rd)

On April 17, 2018, Oracle patched yet another deserialization and remote execution vulnerability (CVE-2018-2628) in WebLogic. The day after, technical aspects of the vulnerability were explained in a Chinese blog post by Xinxi [1]. By the next day, April 19, a proof of concept exploit was released on GitHub by Brianwrf [2]. And, to finalize this part of the history, beginning on April 19, we noticed a scan spike on the WebLogic’s T3 potential vulnerable service (TCP/7001).

Ready For ASuperheroI.T. Solution?

Real Time Web Analytics