{"vulnerability": "CVE-2022-21371", "sightings": [{"uuid": "fa54317c-763e-436c-9271-4bfcd1290620", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21371", "type": "seen", "source": "MISP/b7effe8d-f245-44fd-94ef-5f2f693cfb06", "content": "", "creation_timestamp": "2022-09-30T08:50:28.000000Z"}, {"uuid": "066fef7d-f9a7-4dca-8e9c-ff9352b844b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21371", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfsytod6ew2t", "content": "", "creation_timestamp": "2025-01-16T00:16:07.307094Z"}, {"uuid": "9b6af0ed-9af7-4150-a0f3-2338ffa2cbda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21371", "type": "seen", "source": "https://t.me/breachdetector/358753", "content": "{\n  \"Source\": \"https://www.turkhackteam.org/\",\n  \"Content\": \"What is Oracle WebLogic Server CVE-2022-21371?\", \n  \"author\": \" ('BARBAROS)\",\n  \"Detection Date\": \"14 Oct 2023\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2023-10-14T08:22:20.000000Z"}, {"uuid": "d0f43e94-c09b-4c9e-b6aa-d4c12d50ef0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21371", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3043", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aOracle WebLogic CVE-2022-21371\nURL\uff1ahttps://github.com/Vulnmachines/Oracle-WebLogic-CVE-2022-21371\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-08-27T06:29:13.000000Z"}, {"uuid": "601152be-b75d-4986-b3b5-b9e3798ab372", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21371", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2814", "content": "#Tools -\u00a0 \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\n\nBlazingFast\n\nDoS method (updated 2022)\n\nThe previous method I posted has been patched, this one has not been. You can modify this script or implement it in order to use bots to take down a BlazingFast VPS. BlazingFast is known for being a relatively good host, and with my own experience, has a good team.\n\nBlazingFast protects all its virtual private servers with very good mitigation and detection methods, this script bypasses them by pretending to be a whitelisted crawling bot (BlazingFast use them to crawl servers for statistics such as avg heat, avg net use, etc) and succeeds in sending enough traffic to knock down a single server its aimed at.\n\nhttps://github.com/0x44F/blazingfast-dos-updated\n\nPyExchangePasswordSpray\n\nMicrosoft Exchange password spraying tool with proxy capabilities.\n\nFeatures:\n\u25ab\ufe0f Proxy List Support . HTTP & HTTPS\n\u25ab\ufe0f Set a delay between each password spray.\n\u25ab\ufe0f Use user & password list from a txt file\n\u25ab\ufe0f Multi-threading support\n\nhttps://github.com/iomoath/PyExchangePasswordSpray\n\nWpushell\n\nA tool used to upload a backdoor shell to a site that uses a WordPress Content Management System with a simple and fast process. Built using the Python programming language and can only be run on the command line terminal.\n\nThis tool has advantages which include:\n\u25ab\ufe0f Fast process.\n\u25ab\ufe0f Execution of more than one target.\n\u25ab\ufe0f Easy to use.\n\nhttps://github.com/22XploiterCrew-Team/Wpushell\n\nMSSQL-Analysis-Coerce\n\nCoerced Authentication\n\nA technique to coerce a Windows SQL Server to authenticate on an arbitrary machine.\n\nhttps://github.com/p0dalirius/MSSQL-Analysis-Coerce\n\nCVE-2022-21371\n\nThe Oracle Fusion Middleware's Oracle WebLogic Server product (Web Container component) is vulnerable to local file inclusion. An easily exploited vulnerability could allow an unauthenticated attacker with HTTP network access to compromise Oracle WebLogic Server. A successful attack on this vulnerability, provide hackers complete access to Oracle WebLogic Server's whole data store or unrestricted access to sensitive data.\n\nhttps://github.com/Vulnmachines/Oracle-WebLogic-CVE-2022-21371\n\n#cve\n\nHearMeOut\n\nVoice phishing behavior detection system in AOSP\n\nHearMeOut operates as an Android system service. You need to register HearMeOut as an Android system service, referring to the description below. You also need to change the source code of each Android module so that HaerMeOut can detect voice phishing behavior.\n\nhttps://github.com/WSP-LAB/hearmeout\n\nCloudQuery\n\nThe open source high performance data integration platform designed for security and infrastructure teams.\n\nCloudQuery extracts, transforms, and loads your cloud assets. CloudQuery enables you to assess, audit, and monitor the configurations of your cloud assets.\n\nCloudQuery key use-cases and features:\n\n\u25ab\ufe0f Search: Use standard SQL to find any asset based on any configuration or relation to other assets.\n\u25ab\ufe0f Visualize: Connect CloudQuery standard PostgreSQL database to your favorite BI/Visualization tool such as Grafana, QuickSight, etc.\n\u25ab\ufe0f Policy-as-Code: Codify your security & compliance rules with SQL as the query engine.\n\nhttps://github.com/cloudquery/cloudquery\n\npip-audit\n\npip-audit is a tool for scanning Python environments for packages with known vulnerabilities. It uses the Python Packaging Advisory Database (https://github.com/pypa/advisory-database) via the PyPI JSON API as a source of vulnerability reports.\n\nThis project is maintained in part by Trail of Bits with support from Google. This is not an official Google or Trail of Bits product.\n\nhttps://github.com/pypa/pip-audit\n\nDoldrums\n\nA reverse engineering tool for Flutter apps targetting Android. Concretely, it is a parser and information extractor for the Flutter/Dart Android binary, conventionally named libapp.so, for all Dart version 2.10 releases. When run, it outputs a full dump of all classes present in the isolate snapshot.\n\nhttps://github.com/rscloura/Doldrums\n\nJoin:\nhttps://t.me/dilagrafie\nhttps://t.me/HackerFactory\n\nWebsite:\nwww.ghostclan.org", "creation_timestamp": "2023-04-01T09:04:05.000000Z"}, {"uuid": "0a56749a-80b3-4436-9624-4dcb5e55ffe5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21371", "type": "seen", "source": "https://t.me/breachdetector/358748", "content": "{\n  \"Source\": \"https://www.turkhackteam.org/\",\n  \"Content\": \"Oracle WebLogic Server CVE-2022-21371 Nedir?\", \n  \"author\": \" ('BARBAROS)\",\n  \"Detection Date\": \"14 Oct 2023\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2023-10-14T08:22:08.000000Z"}, {"uuid": "ac23f3b3-949c-4449-8beb-6646776a99f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21371", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5282", "content": "#exploit\n1. CVE-2022-21371:\nOracle WebLogic Server 12.1.3/12.2.1.3/12.2.1.4/14.1.1 \n- Local File Inclusion\nhttps://gist.github.com/picar0jsu/f3e32939153e4ced263d3d0c79bd8786\n\n2. CVE-2021-20038:\nSonicWall SMA-100 Unauth RCE Exploit\nhttps://github.com/jbaines-r7/badblood", "creation_timestamp": "2022-01-26T11:04:01.000000Z"}, {"uuid": "8a663cc8-b865-49a8-8528-0ecd7a168b14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-21371", "type": "seen", "source": "https://t.me/ctinow/199568", "content": "https://ift.tt/cUZw4Bs\nMars: CVE-2022-21371: Oracle WebLogic Server Local File Inclusion", "creation_timestamp": "2024-03-04T20:56:28.000000Z"}]}