Skip to content

AmoloHT/CVE-2022-26134

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
 
 
 
 
 
 
 
 

Repository files navigation

「💥」CVE-2022-26134

Description

In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1.

Demo

demo

demo2

Usage

pip install requests
git clone https://github.com/AmoloHT/CVE-2022-26134
cd CVE-2022-26134
python3 cve-2022-26134.py -cmd 'id' -u http://TARGET.TLD

Reference