Oracle WebLogic is an application server used for building and hosting Java-EE applications. A highly critical remote code execution vulnerability has been discovered in Oracle WebLogic application servers running the WLS9_ASYNC and WLS-WSAT components. The vulnerability was initially disclosed by China National Vulnerability Database under the tracker number CNVD-C-2019-48814. Later the vulnerability is assigned to … Continue reading “Oracle WebLogic Deserialization Remote Code Execution Vulnerability (CNVD-C-2019-48814/CVE-2019-2725)”