Share
## https://sploitus.com/exploit?id=SAINT:A492FCCCC7F135B8256835462B220AA5
Added: 01/23/2026  


### Background

Oracle HTTP Server is the web server component for Oracle Fusion Middleware. 

### Problem

A vulnerability in Oracle HTTP Server and Weblogic Proxy Plug-in could allow a remote attacker to execute arbitrary commands by requesting a specially crafted path which allows execution of commands injected into certain headers. 

### Resolution

Apply the Oracle Critical Patch Update for January 2026. 

### References

https://www.oracle.com/security-alerts/cpujan2026.html#AppendixFMW   


### Platforms

Windows  
Linux