CVE-2022-26134CISA KEV: Actively Exploited

Atlassian Confluence Server and Data Center Remote Code Execution Vulnerability

Published Jun 2, 2022·Updated Jun 2, 2022

Description

Atlassian Confluence Server and Data Center contain a remote code execution vulnerability that allows for an unauthenticated attacker to perform remote code execution.

Public Exploits & PoCs64 found

PoC: through_the_wire

CVE-2022-26134 Proof of Concept

13

PoC: Serein

【懒人神器】一款图形化、批量采集url、批量对采集的url进行各种nday检测的工具。可用于src挖掘、cnvd挖掘、0day利用、打造自己的武器库等场景。可以批量利用Actively Exploited Atlassian Confluence 0Day CVE-2022-26134。

12

PoC: CVE-2022-26134

Confluence OGNL expression injected RCE(CVE-2022-26134) poc and exp

4

PoC: CVE-2022-26134

Atlassian Confluence (CVE-2022-26134) - Unauthenticated OGNL injection vulnerability (RCE)

3

PoC: CVE-2022-26134

「💥」CVE-2022-26134 - Confluence Pre-Auth RCE

2

PoC: CVE-2022-26134

CVE-2022-26134

2

PoC: CVE-2022-26134

Atlassian Confluence 远程代码执行漏洞(CVE-2022-26134)

2

PoC: CVE-2022-26134

CVE-2022-26134 - Confluence Pre-Auth RCE | OGNL injection

2

PoC: CVE-2022-26134

Information and scripts for the confluence CVE-2022-26134

2

PoC: CVE-2022-26134

Atlassian Confluence RCE Exploitation Framework

1

PoC: CVE-2022-26134-GO

CVE-2022-26134 is a Go-based exploitation framework targeting a critical OGNL injection vulnerability in Atlassian Confluence Server/Data Center.

1

PoC: CVE-2022-26134-PoC

CVE-2022-26134-PoC

1

PoC: CVE-2022-26134

confluence rce

1

PoC: CVE-2022-26134

Atlassian Confluence OGNL Injection Remote Code Execution (RCE) Vulnerability (CVE-2022-26134)

1

PoC: ConfluentPwn

Atlassian confluence unauthenticated ONGL injection remote code execution scanner (CVE-2022-26134).

1

PoC: cve-2022-26134

Implementation of CVE-2022-26134

1

PoC: confluence-ognl-rce

Confluence Unauth RCE (CVE-2022-26134)

PoC: CVE-2022-26134

CVE-2022-26134 - Confluence Pre-Auth Remote Code Execution [RCE]

PoC: CVE-2022-26134

Atlassian's Confluence Server and Data Center editions (Vulnerable Version > 7.18.1)

PoC: cve-2022-26134

cve-2022-26134 atlassia Confluence Data Center2016 server OGNL %[...}

PoC: CVE-2022-26134

Active Exploitation of Atlassian’s Questions for Confluence App CVE-2022-26134

PoC: cve-2022-26134-poc

CVE-2022-26134 是一个影响 Atlassian Confluence Server 和 Data Center 的 远程代码执行漏洞(RCE),其成因是服务器处理 OGNL 表达式时未能正确过滤输入,从而允许攻击者以特权账户权限执行任意代码。

PoC: CVE-2022-26134

CVE-2022-26134 exploit script

PoC: CVE-2022-26134

A PoC for CVE-2022-26134 for Educational Purposes and Security Research

PoC: Atlassian_CVE-2022-26134

Confluence Pre-Auth Remote Code Execution via OGNL Injection (CVE-2022-26134)

PoC: CVE-2022-26134

CVE-2022-26134 GO POC 练习

PoC: cve-2022-26134-poc

漏洞测试

PoC: CVE-2022-26134

CVE-2022-26134poc

PoC: CVE-2022-26134

CVE-2022-26134

PoC: cve-2022-26134

cve-2022-26134

PoC: CVE-2022-26134

Confluence Server and Data Center存在一个远程代码执行漏洞,未经身份验证的攻击者可以利用该漏洞向目标服务器注入恶意ONGL表达式,进而在目标服务器上执行任意代码。

PoC: ATLASSIAN-Confluence_rce

批量检测CVE-2022-26134 RCE漏洞

PoC: CVE-2022-26134

在受影响的Confluence Server 和Data Center 版本中,存在一个OGNL 注入漏洞,该漏洞允许未经身份验证的攻击者在Confluence Server 或Data Center 服务器上执行任意代码。

PoC: CVE-2022-26134-LAB

Detecting CVE-2022-26134 using Nuclei

PoC: CVE-2022-26134web

CVE-2022-26134 web payload

PoC: CVE-2022-26134-Console

CVE-2022-26134-Console

PoC: CVE-2022-26134

远程攻击者在Confluence未经身份验证的情况下,可构造OGNL表达式进行注入,实现在Confluence Server或Data Center上执行任意代码,在现有脚本上修改了poc,方便getshell。

PoC: cve-2022-26134

Just simple PoC for the Atlassian Jira exploit. Provides code execution for unauthorised user on a server.

PoC: CVE-2022-26134-PoC

CVE-2022-26134-PoC

PoC: confusploit

This is a python script that can be used with Shodan CLI to mass hunting Confluence Servers vulnerable to CVE-2022-26134

PoC: CVE-2022-26134

Atlassian Confluence (CVE-2022-26134) - Unauthenticated OGNL injection vulnerability (RCE).

PoC: CVE-2022-26134

Atlassian Confluence (CVE-2022-26134) - Unauthenticated Remote code execution (RCE)

PoC: TryHackMe-Atlassian-CVE-2022-26134

Atlassian, CVE-2022-26134 An interactive lab showcasing the Confluence Server and Data Center un-authenticated RCE vulnerability.

PoC: CVE-2022-26134_conFLU

PoC for exploiting CVE-2022-26134 on Confluence

PoC: CVE-2022-26134

[PoC] Atlassian Confluence (CVE-2022-26134) - Unauthenticated OGNL injection vulnerability (RCE)

PoC: CVE-2022-26134

CVE-2022-26134 - Pre-Auth Remote Code Execution via OGNL Injection

PoC: CVE-2022-26134

CVE-2022-26134 - Confluence Pre-Auth Remote Code Execution via OGNL Injection

PoC: BotCon

[CVE-2022-26134] Attlasian Confluence RCE

PoC: CVE-2022-26134

[CVE-2022-26134] Confluence Pre-Auth Object-Graph Navigation Language (OGNL) Injection

PoC: exploit_CVE-2022-26134

CVE-2022-26134, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. This is CVE-2022-26134 expoitation script

PoC: CVE-2022-26134

Atlassian Confluence- Unauthenticated OGNL injection vulnerability (RCE)

PoC: CVE-2022-26134-Confluence-RCE

Exploit for CVE-2022-26134: Confluence Pre-Auth Remote Code Execution via OGNL Injection

PoC: CVE-2022-26134

CVE-2022-26134 Confluence OGNL Injection POC

PoC: confluencePot

Simple Honeypot for Atlassian Confluence (CVE-2022-26134)

PoC: Confluence-CVE-2022-26134

This repository talks about Zero-Day Exploitation of Atlassian Confluence, it's defense and analysis point of view from a SecOps or Blue Team perspective

PoC: CVE-2022-26134

Confluence Pre-Auth Remote Code Execution via OGNL Injection (CVE-2022-26134)

PoC: Confluence-CVE-2022-26134

CVE-2022-26134

PoC: CVE-2022-26134

Atlassian confluence poc

PoC: CVE-2022-26134

Confluence Server and Data Center - CVE-2022-26134 - Critical severity unauthenticated remote code execution vulnerability PoC

PoC: CVE-2022-26134

(CVE-2022-26134)an unauthenticated and remote OGNL injection vulnerability resulting in code execution in the context of the Confluence server

PoC: CVE-2022-26134-POC

CVE-2022-26134 ATLASIAN CONFULENCE UNAUTHETICATED RCE

PoC: CVE-2022-26134-Exploit-Detection-on-Linux

This repository contains Yara rule and the method that a security investigator may want to use for CVE-2022-26134 threat hunting on their Linux confluence servers.

PoC: CVE-2022-26134_vuln

CVE-2022-26134 vuln domains

PoC: CVE-2022-26134

0-DAY: Unauthenticated Remote Code Execution in Atlassian Confluence (CVE-2022-26134).

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free