Oracle Application Testing Suite UploadServlet Servlet Remote Code Execution Exploit

A vulnerability exists in the UploadServlet servlet. By providing a filename header containing a directory traversal, an attacker can upload a file to an arbitrary location on the system. This module abuses the auto deploy feature in the server in order to achieve remote code execution.
Exploit type: 
Platform: 
Vulnerabilty ID: 
CVE-2016-0490
Product Version: 
2015_R1
Released Date: 
Thursday, February 25, 2016 - 00:00