Skip to content

shamo0/CVE-2022-26134

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits

README.md

README.md

 
 

exploit.py

exploit.py

 
 

Repository files navigation

CVE-2022-26134 PoC

Confluence Server and Data Center - CVE-2022-26134 - Critical severity unauthenticated remote code execution vulnerability PoC

Severity

Atlassian rates the severity level of this vulnerability as critical, according to the scale published in Atlassian severity levels. All versions of Confluence Server and Data Center prior to the fixed versions listed above are affected by this vulnerability.

Fixed Versions

Released versions 7.4.17, 7.13.7, 7.14.3, 7.15.2, 7.16.4, 7.17.4 and 7.18.1 contain a fix for this issue.

PoC

git clone https://github.com/shamo0/CVE-2022-26134.git
cd CVE-2022-26134
python3 exploit.py https://target.com CMD

References

https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html

https://github.com/Nwqda/CVE-2022-26134

https://jira.atlassian.com/browse/CONFSERVER-79016

https://bugalert.org/content/notices/2022-06-02-confluence.html

About

Confluence Server and Data Center - CVE-2022-26134 - Critical severity unauthenticated remote code execution vulnerability PoC

Topics

python data server exploit code injection remote poc rce execution confluence atlassian center ognl cve-2022-26134 26134

Resources

Readme
Activity

Stars

2 stars

Watchers

1 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages