CVE-2025-61882 PoC — Oracle E-Business Suite 安全漏洞

Source

Associated Vulnerability

Description

Detection for CVE-2025-61882

Readme

# CVE-2025-61882 & CVE-2025-61884

***EDIT: Oracle just disclosed a new vulnerability CVE-2025-61884, the detection script for that vuln can be found in this repo or originally here: https://gist.github.com/rxerium/6c70bc6b72fc0d1365c85937d35d9550.***

As quoted from [Oracle's security advisory](https://www.oracle.com/security-alerts/alert-cve-2025-61882.html):
> This Security Alert addresses vulnerability CVE-2025-61882 in Oracle E-Business Suite. This vulnerability is remotely exploitable without authentication, i.e., it may be exploited over a network without the need for a username and password. If successfully exploited, this vulnerability may result in remote code execution.

## How does this detection method work?

This vulnerability detection template detects Oracle E-Business Suite instances that are vulnerable to CVE-2025-61882 by checking if the page contains "E-Business Suite Home Page" text and comparing the Last-Modified header date against October 4, 2025. If the Last-Modified date is before October 4, 2025 (Unix timestamp 1759602752), it indicates the instance hasn't been patched and is potentially vulnerable to the vulnerability in question.

## How do I run this script?

1. Download Nuclei from [here](https://github.com/projectdiscovery/nuclei)
2. Copy the template to your local system
3. Run the following command: `nuclei -u https://yourHost.com:<port> -t template.yaml` 

***For enhanced detection please include ports in your input list.***

## References

- https://www.oracle.com/security-alerts/alert-cve-2025-61882.html
- https://www.shodan.io/search?query=html%3A%22OA_HTML%22&page=2


## Disclaimer

Use at your own risk, I will not be responsible for illegal activities you conduct on infrastructure you do not own or have permission to scan.

## Share This Project

<div align="center">
  <a href="https://twitter.com/intent/tweet?text=Check%20out%20this%20CVE%20detection%20template%20by%20@rxerium!&url=https://github.com/rxerium/poc-template" target="_blank">
    <img src="https://img.shields.io/badge/🐦%20Share%20on-Twitter-lightgrey?style=flat&logo=twitter&logoColor=1DA1F2" alt="Share on Twitter"/>
  </a>
  <a href="https://www.linkedin.com/sharing/share-offsite/?url=https://github.com/rxerium/poc-template" target="_blank">
    <img src="https://img.shields.io/badge/💼%20Share%20on-LinkedIn-lightgrey?style=flat&logo=linkedin&logoColor=0077B5" alt="Share on LinkedIn"/>
  </a>
  <a href="mailto:?subject=CVE%20Detection%20Template&body=Check%20out%20this%20interesting%20CVE%20detection%20template%20by%20rxerium:%20https://github.com/rxerium/poc-template" target="_blank">
    <img src="https://img.shields.io/badge/%20Share%20via-Email-lightgrey?style=flat&logo=gmail&logoColor=D14836" alt="Share via Email"/>
  </a>
</div>

---

## Contact

Feel free to reach out via [Signal](https://signal.me/#eu/0Qd68U1ivXNdWCF4hf70UYFo7tB0w-GQqFpYcyV6-yr4exn2SclB6bFeP7wTAxQw) if you have any questions.

File Snapshot

 [4.0K]  /data/pocs/0f5fb3b4e25720edcdeb65a7807e8b542acb1ced
├── [1.0K]  CVE-2025-61882.yaml
├── [1.0K]  CVE-2025-61884.yaml
├── [1.0K]  LICENSE
└── [2.9K]  README.md

1 directory, 4 files

Remarks