Share
## https://sploitus.com/exploit?id=DCF64617-7DC6-5895-BE0B-4F5E98144BF4
Oracle Identity Manager CVE-2025-61757 Vulnerability Detection Tool v2.2
๐ฅ Vulnerability Background
Recently, Oracle Identity Manager was exposed to a serious remote code execution vulnerability (CVE-2025-61757). This vulnerability arises due to improper handling of request URIs by SecurityFilter. Attackers can bypass authentication by adding the โ.wadlโ parameter. Subsequently, they can execute arbitrary code during processor compilation using Groovy scripts, ultimately gaining server privileges.
**Vulnerability Severity:**
CVSS Score: 9.8 (High Risk)
Affected Servers: Thousands of servers worldwide
Exploitation Difficulty: Low
Risk Level: Very High
๐ก๏ธ Tool Introduction
To address this urgent security threat, an automated scanning tool specifically designed to detect CVE-2025-61757 was developed. This tool is efficient, accurate, and easy to use, helping enterprises quickly identify and fix security risks.
**Core Features:**
1. **Intelligent Vulnerability Detection**
- Authentication bypass detection: Accurately identifies vulnerabilities caused by โ.wadlโ parameter bypassing.
- RCE vulnerability verification: Validates command injections via Groovy scripts.
- Target identification: Automatically detects Oracle Identity Manager systems.
2. **Efficient Batch Scanning**
- Multithreading support: Supports up to 50 concurrent processes, enabling rapid scanning of large numbers of targets.
- Intelligent timeout: Configurable timeout periods to adapt to different network environments.
- Connection reuse: Optimizes request efficiency to enhance scanning speed.
3. **Professional Report Generation**
- Color-coded reports: Red, yellow, and blue colors indicate vulnerability levels.
- Detailed reports: Automatically saves vulnerability lists and scan reports.
- Real-time progress display: Provides intuitive insights into scanning progress and results.
4. **Enterprise-Level Features**
- Error tolerance: Automatically handles network exceptions and timeouts.
- Duplicate target filtering: Automatically eliminates duplicate targets.
- Flexible configuration: Supports custom thread counts and timeout settings.
๐ Quick Start
**Environment Requirements:**
Python 3.6+
requests library
**Installation and Usage:**
```bash
# Install dependencies
pip install requests
# Download the tool
git clone https://github.com/jinxia-security/oracle-scanner.git
cd oracle-scanner
# Single-target scanning
python oracle_scanner.py -u https://target.com:7001
# Batch scanning
python oracle_scanner.py -f targets.txt -t 20 -v
# Generate detailed reports
python oracle_scanner.py -f enterprise_targets.txt -T 15
```
**Usage Examples:**
**Basic Scanning:**
```bash
python oracle_scanner.py -f targets.txt
https://example.com/basic-scan.png
```
**Detailed Mode:**
```bash
python oracle_scanner.py -f targets.txt -v -t 15
```
This mode displays detailed detection processes and debugging information.
**Enterprise-Level Scanning:**
```bash
python oracle_scanner.py -f enterprise_targets.txt -t 30 -T 10
```
Suitable for large enterprise networks.
๐ Output Explanation:
- **Colors:**
๐ด Red: RCE vulnerabilities (high risk)
๐ก Yellow: Authentication bypass vulnerabilities (high risk)
๐ต Blue: Targets detected but no vulnerabilities (low risk)
๐ข Green: Normal output
**Report Examples:**
```
๐ Scan Report
==================================================
๐ Total Targets: 150
๐ด RCE Vulnerabilities: 3
๐ก Authentication Bypass: 12
๐ต Targets Detected: 45
โซ Not Found: 80
โ Errors/Timeouts: 10
โฑ๏ธ Scan Time: 125.36 seconds
```