Home / Companies / Detectify / Blog / Post Details
Content Deep Dive

Detectify checks for critical Oracle WebLogic Server RCEs (CVE-2020-14882, CVE-2020-14750)

Blog post from Detectify

Post Details
Company
Date Published
Author
Detectify
Word Count
350
Company Posts That Month
10
Language
-
Hacker News Points
-
Post removed?
No
Summary

Detectify has launched a security test to identify critical remote code execution (RCE) vulnerabilities, CVE-2020-14882 and CVE-2020-14750, in Oracle WebLogic Server and Oracle Fusion Middleware, which are being actively exploited by botnets. These vulnerabilities allow attackers to execute arbitrary commands on unpatched servers, potentially leading to data theft, keystroke logging, network infiltration, and the enlistment of compromised machines in botnets. The vulnerabilities, which have high severity scores due to the simplicity of exploitation via a single server request, affect specific versions of Oracle WebLogic Server. Detectify advises immediate installation of Oracle's October and November 2020 security patches to mitigate these risks. Detectify's web scanner can automate the detection of over 2000 known vulnerabilities, including these critical issues, and offers a free two-week trial for users to assess their exposure to the latest threats.

Trends Found in this Post

No tracked trend matches for this post yet.

Use This Data

Use this post, company, and trend context to find content marketing opportunities, perform competitive analysis, or address product feature gaps via the Plushcap MCP server or the Plushcap API.