This Metasploit module exploits a path traversal and a Java class instantiation in the handle implementation of WebLogic’s Administration Console to execute code as the WebLogic user. Versions 10.3.6.0.0, 126.96.36.199.0, 188.8.131.52.0, 184.108.40.206.0, and 220.127.116.11.0 are known to be affected. Tested against 18.104.22.168.0 from Vulhub (Linux) and on Windows. Warning! Multiple sessions may be created by exploiting this vuln.