This Metasploit module exploits a Java object deserialization vulnerability in multiple versions of WebLogic. Unauthenticated remote code execution can be achieved by sending a serialized BadAttributeValueExpException object over the T3 protocol to vulnerable WebLogic servers.
520b0c827c8b01d8c2ca1ab697de7f2fc8a7e99f91c7209728f8431d3a566cea