Oracle WebLogic Server commons-collections Java Library Deserialization Vulnerability Remote Code Execution Exploit

Oracle WebLogic Server is prone to a remote vulnerability that allows attackers to take advantage of a deserialization vulnerability present in the commons-collections Java library. By exploiting known methods, it is possible to remotely load a InvokerTransformer Java class, wich allows the execution of system commands.
CVE Link
CVE-2015-4852
Exploit Platform
Windows
Linux
Exploit Type
Exploits
Remote
Product Name
Impact