Recently a highly critical remote code execution vulnerability has been discovered in Oracle WebLogic application servers. On June 15, KnownSec 404 Team shared an advisory, according to them, the new vulnerability bypasses the latest Weblogic patch (CVE-2019-2725). An unauthenticated, remote attacker can send a crafted HTTP request to execute arbitrary commands on the Weblogic Servers. … Continue reading “Oracle WebLogic Deserialization Remote Code Execution Vulnerability (CVE-2019-2729)”