Skip to content
/ CVE-2022-26134-Confluence-RCE Public

Exploit for CVE-2022-26134: Confluence Pre-Auth Remote Code Execution via OGNL Injection

11 stars 3 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

whokilleddb/CVE-2022-26134-Confluence-RCE

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
.gitignore
.gitignore
 
 
README.md
README.md
 
 
confluence-exploit.py
confluence-exploit.py
 
 
start_confluence.sh
start_confluence.sh
 
 

Repository files navigation

Exploit for CVE-2022-26134: Confluence Pre-Auth Remote Code Execution via OGNL Injection

Another exploit in OGNL Land

Description

Confluence is a web-based corporate wiki developed by Australian software company Atlassian.

On June 02, 2022 Atlassian released a security advisory for their Confluence Server and Data Center applications, highlighting a critical severity unauthenticated remote code execution vulnerability. The OGNL injection vulnerability allows an unauthenticated user to execute arbitrary code on a Confluence Server or Data Center instance.

Setup

To setup your lab, run start_conflunce.sh and follow the instructions given here.

Usage

$ ./confluence-exploit.py                          
usage: confluence-exploit.py [-h] -u URL
confluence-exploit.py: error: the following arguments are required: -u/--url 
$  ./confluence-exploit.py -u http://127.0.0.1:8090
🔗 URL: http://127.0.0.1:8090
👉 (id): whoami
confluence

References

About

Exploit for CVE-2022-26134: Confluence Pre-Auth Remote Code Execution via OGNL Injection

Resources

Readme
Activity

Stars

11 stars

Watchers

2 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages