CVE-2012-3152 — Vulnetix

CVE-2012-3152 PUBLISHED KEV

EPSS 93.54% · 99.8th percentile

Risk Scores

EPSS Score

93.54%

99.8th percentile

Exploit Intelligence

Automated exploitation scanner for Oracle Reports Server (rwservlet) — CVE-2012-3152 / CVE-2012-3153. Detects, fingerprints, reads files via LFI, tests SSRF via webhook, and uploads JSP shells. Targets Oracle Reports < 11g. For authorized use only. (github-poc)
Automated exploitation scanner for Oracle Reports Server (rwservlet) — CVE-2012-3152 / CVE-2012-3153. Detects, fingerprints, reads files via LFI, tests SSRF via webhook, and uploads JSP shells. Targets Oracle Reports < 11g. For authorized use only. (github-poc)
Automated exploitation scanner for Oracle Reports Server (rwservlet) — CVE-2012-3152 / CVE-2012-3153. Detects, fingerprints, reads files via LFI, tests SSRF via webhook, and uploads JSP shells. Targets Oracle Reports < 11g. For authorized use only. (github-poc)
Automated exploitation scanner for Oracle Reports Server (rwservlet) — CVE-2012-3152 / CVE-2012-3153. Detects, fingerprints, reads files via LFI, tests SSRF via webhook, and uploads JSP shells. Targets Oracle Reports < 11g. For authorized use only. (github-poc)
Automated exploitation scanner for Oracle Reports Server (rwservlet) — CVE-2012-3152 / CVE-2012-3153. Detects, fingerprints, reads files via LFI, tests SSRF via webhook, and uploads JSP shells. Targets Oracle Reports < 11g. For authorized use only. (github-poc)
Automated exploitation scanner for Oracle Reports Server (rwservlet) — CVE-2012-3152 / CVE-2012-3153. Detects, fingerprints, reads files via LFI, tests SSRF via webhook, and uploads JSP shells. Targets Oracle Reports < 11g. For authorized use only. (github-poc)
Automated exploitation scanner for Oracle Reports Server (rwservlet) — CVE-2012-3152 / CVE-2012-3153. Detects, fingerprints, reads files via LFI, tests SSRF via webhook, and uploads JSP shells. Targets Oracle Reports < 11g. For authorized use only. (github-poc)
Automated exploitation scanner for Oracle Reports Server (rwservlet) — CVE-2012-3152 / CVE-2012-3153. Detects, fingerprints, reads files via LFI, tests SSRF via webhook, and uploads JSP shells. Targets Oracle Reports < 11g. For authorized use only. (github-poc)
SERVER-ORACLE Oracle Reports server remote code execution attempt (vulnetix)
SERVER-ORACLE Oracle Reports server remote code execution attempt (vulnetix)

…and 39 more exploits

Timeline

CVE Published
Jan 29, 2014 PoC Published
Feb 7, 2014 PoC Published
Feb 18, 2014 PoC Published
Nov 3, 2021 CISA KEV Added
Feb 4, 2022 EPSS Score
Mar 29, 2022 EPSS Score
Jul 12, 2022 EPSS Score
Sep 4, 2022 EPSS Score
Sep 29, 2022 EPSS Score
Oct 26, 2022 EPSS Score
Dec 31, 2022 EPSS Score

References

https://cert.ssi.gouv.fr/avis/CERTA-2012-AVI-578/ advisory

Open in Interactive Console →