Share
## https://sploitus.com/exploit?id=C1DA918F-CA91-5E24-9AC4-62CAAE969700
# WebLogic CVE-2020-14882 / CVE-2020-14883 Test Script

This project provides a simple Bash script for testing whether an Oracle WebLogic
server is vulnerable to the **authentication bypass** (CVE-2020-14882) and the
associated **remote code execution vector** (CVE-2020-14883).  

The script sends a POST request to the WebLogic Console path traversal endpoint: `/console/images/%252E%252E%252Fconsole.portal`

Pass the full URL including protocol and port.  
The script appends the traversal path and sends a POST request.

Change the IP or host in the script before running and set up a listener for the curl request, use Burp Collaborator,  or webhook.site etc.