{"vulnerability": "CVE-2020-2551", "sightings": [{"uuid": "3ef73de9-c39c-424a-b4cf-9a1b04bb0afa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2551", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-11-16T18:10:02.000000Z"}, {"uuid": "e549433d-201d-41c5-ba07-e4be7ce0ae9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2551", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971923", "content": "", "creation_timestamp": "2024-12-24T20:35:41.967469Z"}, {"uuid": "dd489dd8-c906-4229-9762-ed5c6a503aa1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2551", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:13:11.000000Z"}, {"uuid": "3276eeb7-9874-4712-912c-949eb4741a10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2551", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:49.000000Z"}, {"uuid": "bc52c8ff-ae7b-4cf2-a9dd-b728db2dfc76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2020-2551", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/b5dbf782-f223-4538-8588-dee1258fbcad", "content": "", "creation_timestamp": "2026-02-02T12:26:46.008061Z"}, {"uuid": "0513119e-9bb1-48c2-832f-7dc5a413089a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2551", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/4462", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2020-2551\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: No description available\n\ud83d\udccf Published: 2020-01-15T17:15:17.190\n\ud83d\udccf Modified: N/A\n\ud83d\udd17 References:\n1. https://www.oracle.com/security-alerts/cpujan2020.html\n2. https://www.oracle.com/security-alerts/cpujan2020.html", "creation_timestamp": "2025-02-14T17:11:49.000000Z"}, {"uuid": "8df8e13f-24c8-463d-81ed-11fd3994602d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2551", "type": "seen", "source": "Telegram/mzyUmHR7-Zp8nbIBHm_akcpTyLUQabY6bup06xjgPM1bGIJ-", "content": "", "creation_timestamp": "2025-02-14T21:08:32.000000Z"}, {"uuid": "c3f9d1b9-28d1-460c-980e-0d51788cf1e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2551", "type": "published-proof-of-concept", "source": "Telegram/5CPDoGea4VxlGpUWdnippgkEikQaqjZZ0eR1kfQrZYnd55E", "content": "", "creation_timestamp": "2025-11-06T15:00:06.000000Z"}, {"uuid": "d6dca25c-b764-42f1-a80a-d481fce83449", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2551", "type": "published-proof-of-concept", "source": "https://t.me/realLulzSec/13943", "content": "https://github.com/0xn0ne/weblogicScanner\n\nweblogic\nCVE-2014-4210,\nCVE-2016-0638/3510,\nCVE-2017-3248/3506/10271,\nCVE-2018-2628/2893/2894/3191/3245/3252, CVE-2019-2618/2725/2729/2890, CVE-2020-2551)", "creation_timestamp": "2024-07-18T20:18:18.000000Z"}, {"uuid": "7511e183-a9c6-4225-a70a-e04433ead48d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2551", "type": "published-proof-of-concept", "source": "https://t.me/infosec1z/47", "content": "\ud83d\udd30Top 10 vulnerabilities in 2020:\n\n 1. CVE-2020-12720: vBulletin SQL Injection (OWASP 1: Injection)\n\n 2. CVE-2020-5902: F5 BIG IP RCE and LFI (OWASP 1: Injection)\n\n\ud83c\udfa5 CVE PoC videos\n\nhttps://youtu.be/-ppzdYDk-ZM\n\nhttps://youtube.com/playlist?list=PLiVfOzljj-46iFcif16qMaPP84ZxCZ4Mb\n\n\n\n 3. CVE-2020-15506: MobileIron Core Authentication Bypass\n (OWASP 2: Broken Authentication)\n\n 4. CVE-2020-14882: Oracle WebLogic RCE (OWASP 1: Injection)\n\n 5. CVE-2020-14750: Oracle WebLogic RCE (OWASP 1: Injection)\n\n 6. CVE-2020-17530: Apache Struts 2 RCE (OWASP 1: Injection)\n\n\ud83c\udfa5 CVE PoC videos\n\nhttps://youtu.be/MUAAwijvAe8\n\n\n 7. CVE-2020-2551: Oracle WebLogic RCE (OWASP 1: Injection)\n\n 8. CVE-2020-13379: Grafana SSRF\n (OWASP 3: Broken Access Control)\n\n 9. CVE-2020-1147: Microsoft SharePoint Server RCE\n (OWASP 1: Injection)\n\n 10. CVE-2020-8209: Citrix XenMobile Server Path Traversal\n (OWASP 3: Broken Access Control)\n\n\n\u2796\u2796 @infosec1z \u2796\u2796", "creation_timestamp": "2021-09-05T16:58:17.000000Z"}, {"uuid": "68bd5d95-782d-44d7-91a2-fa482cac5055", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2551", "type": "published-proof-of-concept", "source": "https://t.me/realLulzSec/1317", "content": "https://github.com/0xn0ne/weblogicScanner\n\nweblogic\nCVE-2014-4210,\nCVE-2016-0638/3510,\nCVE-2017-3248/3506/10271,\nCVE-2018-2628/2893/2894/3191/3245/3252, CVE-2019-2618/2725/2729/2890, CVE-2020-2551)", "creation_timestamp": "2024-07-18T20:18:18.000000Z"}, {"uuid": "10a00c33-2d17-4bd3-af90-aa02390e38f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2551", "type": "published-proof-of-concept", "source": "Telegram/tUBNTXdlgI2JnOsxm2BH_fYjeL1YIR1JLQHuCZ2rvrep0g4", "content": "", "creation_timestamp": "2023-03-06T18:56:09.000000Z"}, {"uuid": "b6f13ed8-8458-4604-a491-1e95ebd9db8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2551", "type": "seen", "source": "https://t.me/arpsyndicate/1868", "content": "#ExploitObserverAlert\n\nCVE-2020-2551\n\nDESCRIPTION: Exploit Observer has 129 entries related to CVE-2020-2551. Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: WLS Core Components). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).\n\nFIRST-EPSS: 0.975030000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-18T00:02:13.000000Z"}, {"uuid": "03cc8a31-3305-44de-8dc8-56366d77e41d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2551", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/3745", "content": "CVE-2020-2551 Weblogic RCE with IIOP\nhttps://github.com/jas502n/CVE-2020-2551", "creation_timestamp": "2023-01-06T07:19:03.000000Z"}, {"uuid": "338a86c7-96db-444d-b01d-966c0f0a7d55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2551", "type": "seen", "source": "https://t.me/reconshell/599", "content": "Weblogic-Framework best tool for detecting weblogic vulnerabilities\n\n#vulnerabilities #weblogic #vulnerability \n#CVE-2020-2883 #CVE-2020-2555 #CVE-2020-2551\n\nhttps://upurl.me/rltsw", "creation_timestamp": "2021-03-27T21:09:01.000000Z"}, {"uuid": "73a62272-6e6f-4be8-a2b3-6e5bea19664e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2551", "type": "seen", "source": "https://t.me/HackerOne/2598", "content": "CVE-2020-2551 Weblogic Remote Code Execute RCE With IIOP\n#RCE #Weblogic\n@securation", "creation_timestamp": "2020-01-21T19:54:53.000000Z"}, {"uuid": "45223510-7231-430b-84f0-d1de2fb0b04e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2551", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/2807", "content": "https://github.com/0xn0ne/weblogicScanner\n\nweblogic \u6f0f\u6d1e\u626b\u63cf\u5de5\u5177\u3002\u76ee\u524d\u5305\u542b\u5bf9\u4ee5\u4e0b\u6f0f\u6d1e\u7684\u68c0\u6d4b\u80fd\u529b\uff1a\nCVE-2014-4210,\nCVE-2016-0638/3510,\nCVE-2017-3248/3506/10271,\nCVE-2018-2628/2893/2894/3191/3245/3252, CVE-2019-2618/2725/2729/2890, CVE-2020-2551)\n\n#github #tools #exploit", "creation_timestamp": "2024-07-18T16:40:25.000000Z"}, {"uuid": "d5845e60-4ea4-4855-a685-f390732f71a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2551", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7872", "content": "#tools\n#Offensive_security\n1. Ladon hacking Scanner for PowerShell, vulnerability/exploit/detection/MS17010/SmbGhost, Brute-Force SMB/IPC/WMI/NBT/SSH/FTP/MSSQL/MYSQL/ORACLE/VNC\nhttps://github.com/k8gege/PowerLadon\n2. How detect CVE-2020-2551 PoC exploit python Weblogic RCE with IIOP\nhttps://github.com/hktalent/CVE-2020-2551", "creation_timestamp": "2023-03-06T11:00:22.000000Z"}, {"uuid": "b2de5a3c-8c24-435e-9496-cf4c3763cb61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2551", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1479", "content": "https://github.com/sp4zcmd/WeblogicExploit-GUI\nWeblogic\u6f0f\u6d1e\u5229\u7528\u56fe\u5f62\u5316\u5de5\u5177\n\nCVE-2020-2551\nCVE-2020-2555\nCVE-2020-2883\nCVE-2016-3510\nCVE-2016-0638\nCVE-2017-10271\nJdk7u21\nCVE-2017-3248\uff08JRMP\uff09\nCVE-2018-2628\uff08JRMP\uff09\nCVE-2018-2893\uff08JRMP\uff09\nCVE-2018-3245\uff08JRMP\uff09\nCVE-2018-3181\uff08JNDI\uff09\nCVE-2020-14882\u672a\u6388\u6743\u8bbf\u95ee+CVE-2021-2109\uff08JNDI\uff09\n\n#github #tools #exploit", "creation_timestamp": "2023-11-10T15:34:11.000000Z"}, {"uuid": "9201e652-2984-4dc0-8fd6-4ba315bf994b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2551", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/1491", "content": "#tools\n#Blue_Team_Techniques\nWeb-Logic Exploit Scanner\n(weblogic administrator console,\nCVE-2014-4210,\nCVE-2016-0638/3510,\nCVE-2017-3248/3506/10271,\nCVE-2018-2628/2893/2894/3191/3245/3252, CVE-2019-2618/2725/2729/2890, CVE-2020-2551)\nhttps://github.com/0xn0ne/weblogicScanner", "creation_timestamp": "2024-10-11T14:40:45.000000Z"}]}