Reference : 1. https://testbnull.medium.com/weblogic-rce-by-only-one-get-request-cve-2020-14882-analysis-6e4b09981dbf
2. https://github.com/jas502n/CVE-2020-14882 (bypass patch)
cve-2020-14882 is a pre-auth RCE vulnerability in WebLogic discovered by voidfyoo of Chaitin Security Research Lab. This is a high impact and easy to exploit vulnerability.
Wrote a poc exploit to pop up calculator on target server
Wrote a python script for myself to download mp3/music from YouTube.
Use python3 + Qt5 to give the script to have cross-platform and GUI ability.
Tested on: Win 10 and Kali Linux.