CVE-2022-26134

Related Files

Confluence OGNL Injection Proof Of Concept

Posted Jun 7, 2022

Authored by Samy Younsi | Site github.com

Proof of concept script that exploits the remote code execution vulnerability affecting Atlassian Confluence versions 7.18 and below. The OGNL injection vulnerability allows an unauthenticated user to execute arbitrary code on a Confluence Server or Data Center instance. All supported versions of Confluence Server and Data Center are affected. Confluence Server and Data Center versions after 1.3.0 and below 7.18.1 are affected. The vulnerability has a CVSS score of 10 out of 10 for criticality.

tags | exploit, remote, arbitrary, code execution, proof of concept

advisories | CVE-2022-26134

SHA-256 | af35a5a0af240395f62e977601885f29387ee4fc958081d1910e6f6f0d3d428a

Download | Favorite | View

Through The Wire CVE-2022-26134 Confluence Proof Of Concept

Posted Jun 7, 2022

Authored by jbaines-r7 | Site github.com

Through the Wire is a proof of concept exploit for CVE-2022-26134, an OGNL injection vulnerability affecting Atlassian Confluence Server and Data Center versions 7.13.6 LTS and below and versions 7.18.0 "Latest" and below. This was originally a zero-day exploited in-the-wild.

tags | exploit, proof of concept

advisories | CVE-2022-26134

SHA-256 | 942e5b3f32027294cb480a1f6e34ca8ed1933380c4aa4a79161e45a5c6ec7cbc

Download | Favorite | View

Confluence OGNL Injection Remote Code Execution

Posted Jun 7, 2022

Authored by h3v0x | Site github.com

Confluence suffers from a pre-authentication remote code execution vulnerability that is leveraged via OGNL injection. All 7.4.17 versions before 7.18.1 are affected.

tags | exploit, remote, code execution

advisories | CVE-2022-26134

SHA-256 | 26aa29ff2f763421c60482664f517397136737aa76c3603580bd9bdd40a7e339

Download | Favorite | View