Full title: WebLogic Server Deserialization Remote Code Execution Exploit 
Category: remote exploits
Platform: multiple
This Metasploit module exploits a Java object deserialization vulnerability in multiple versions of WebLogic. Unauthenticated remote code execution can be achieved by sending a serialized BadAttributeValueExpException object over the T3 protocol to vulnerable WebLogic servers.

# 0day.today @ http://0day.today/