Skip to content

Privia-Security/CVE-2023-22527

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits

README.md

README.md

 
 

cve-2023-22527.exe

cve-2023-22527.exe

 
 

go.mod

go.mod

 
 

go.sum

go.sum

 
 

main.go

main.go

 
 

Repository files navigation

CVE-2023-22527

CVE-2023-22527 - RCE (Remote Code Execution) Vulnerability in Out-of-Date Versions of Confluence Data Center and Server

Advisory Release Date Tue, Jan 16 2024 01:00 EST

Products:

  • Confluence Data Center
  • Confluence Server

Affected Versions:

  • 8.0.x
  • 8.1.x
  • 8.2.x
  • 8.3.x
  • 8.4.x
  • 8.5.0-8.5.3
  • 7.19.x LTS versions are not affected by this vulnerability

References:

https://confluence.atlassian.com/security/cve-2023-22527-rce-remote-code-execution-vulnerability-in-confluence-data-center-and-confluence-server-1333990257.html?subid=1812250057&jobid=106379017&utm_campaign=confluence-critical-advisory_EML-17850&utm_medium=email&utm_source=alert-email

https://jira.atlassian.com/browse/CONFSERVER-93833

Usages

Building the exploit

go build -o cve-2023-22527.exe

Exploit

cve-2023-22527.exe -I {{target_IP}} -p {{target_Port}}

After you built main.go, u're free to exploit.

go run main.go -I {{target_IP}} -p {{target_Port}}

PoC

299332841-b130b1ff-c697-4e46-b94d-201821697363

Contact me

twitter --> https://twitter.com/m3rim4el linkedin --> https://www.linkedin.com/in/merimael

About

CVE-2023-22527

Resources

Readme
Activity
Custom properties

Stars

3 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages