Oracle WebLogic RCE

Sooraj V Nair
Published on
16 Jun 2021

CVE-2018-2894 is a vulnerability found in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services).,, and are the supported versions that are affected. Oracle WebLogic Server is vulnerable to an easily exploited vulnerability that allows an unauthenticated attacker with network access through HTTP to compromise it. Oracle WebLogic Server may be taken over if this vulnerability is exploited successfully.

Mitigation / Precaution

In order to patch this vulnerability, please install the official patch Oracle made available for supported, vulnerable instances.

Automated human-like penetration testing for your web apps & APIs
Teams using Beagle Security are set up in minutes, embrace release-based CI/CD security testing and save up to 65% with timely remediation of vulnerabilities. Sign up for a free account to see what it can do for you.

Written by
Sooraj V Nair
Sooraj V Nair
Cyber Security Engineer
Find website security issues in a flash
Improve your website's security posture with proactive vulnerability detection.
Free website security assessment