Skip to content

Confluence Server and Data Center - CVE-2022-26134 - Critical severity unauthenticated remote code execution vulnerability PoC

Notifications You must be signed in to change notification settings

shamo0/CVE-2022-26134

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
 
 
 
 

Repository files navigation

CVE-2022-26134 PoC

Confluence Server and Data Center - CVE-2022-26134 - Critical severity unauthenticated remote code execution vulnerability PoC

Severity

Atlassian rates the severity level of this vulnerability as critical, according to the scale published in Atlassian severity levels. All versions of Confluence Server and Data Center prior to the fixed versions listed above are affected by this vulnerability.

Fixed Versions

Released versions 7.4.17, 7.13.7, 7.14.3, 7.15.2, 7.16.4, 7.17.4 and 7.18.1 contain a fix for this issue.

PoC

git clone https://github.com/shamo0/CVE-2022-26134.git
cd CVE-2022-26134
python3 exploit.py https://target.com CMD

References

https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html

https://github.com/Nwqda/CVE-2022-26134

https://jira.atlassian.com/browse/CONFSERVER-79016

https://bugalert.org/content/notices/2022-06-02-confluence.html

About

Confluence Server and Data Center - CVE-2022-26134 - Critical severity unauthenticated remote code execution vulnerability PoC

Topics

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages