CVE-2022-26134
Description
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1.
Severity: CRITICAL
CVE ID: CVE-2022-26134
CVSS Score: 9.8
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Proof Of Concept
Nuclei Templates for CVE-2022-26134
Refrence: Project Discovery GitHub
W01fh4cker
【懒人神器】一款图形化、批量采集url、批量对采集的url进行各种nday检测的工具。可用于src挖掘、cnvd挖掘、0day利用、打造自己的武器库等场景。可以批量利用Actively Exploited Atlassian Confluence 0Day CVE-2022-26134和DedeCMS v5.7.87 SQL注入 CVE-2022-23337。
Refrence: GitHub
offlinehoster
Information and scripts for the confluence CVE-2022-26134
Refrence: GitHub
CyberDonkyx0
0-DAY: Unauthenticated Remote Code Execution in Atlassian Confluence (CVE-2022-26134).
Refrence: GitHub
th3b3ginn3r
This repository contains Yara rule and the method that a security investigator may want to use for CVE-2022-26134 threat hunting on their Linux confluence servers.
Refrence: GitHub
jbaines-r7
CVE-2022-26134 Proof of Concept
Refrence: GitHub
crowsec-edtech
CVE-2022-26134 - Confluence Pre-Auth RCE | OGNL injection
Refrence: GitHub
kyxiaxiang
Refrence: GitHub
Brucetg
(CVE-2022-26134)an unauthenticated and remote OGNL injection vulnerability resulting in code execution in the context of the Confluence server
Refrence: GitHub
shamo0
Confluence Server and Data Center - CVE-2022-26134 - Critical severity unauthenticated remote code execution vulnerability PoC
Refrence: GitHub
SNCKER
[CVE-2022-26134]Confluence OGNL expression injected RCE with sandbox bypass.
Refrence: GitHub
Sakura-nee
Refrence: GitHub
Vulnmachines
Refrence: GitHub
axingde
Atlassian confluence poc
Refrence: GitHub
0xAgun
Refrence: GitHub
abhishekmorla
Refrence: GitHub
hev0x
Confluence Pre-Auth Remote Code Execution via OGNL Injection (CVE-2022-26134)
Refrence: GitHub
archanchoudhury
This repository talks about Zero-Day Exploitation of Atlassian Confluence, it's defense and analysis point of view from a SecOps or Blue Team perspective
Refrence: GitHub
SIFalcon
Simple Honeypot for Atlassian Confluence (CVE-2022-26134)
Refrence: GitHub
CatAnnaDev
Refrence: GitHub
vesperp
Refrence: GitHub
li8u99
Atlassian Confluence 远程代码执行漏洞(CVE-2022-26134)
Refrence: GitHub
reubensammut
Implementation of CVE-2022-26134
Refrence: GitHub
BeichenDream
Refrence: GitHub
alcaparra
CVE-2022-26134 Confluence OGNL Injection POC
Refrence: GitHub
whokilleddb
Exploit for CVE-2022-26134: Confluence Pre-Auth Remote Code Execution via OGNL Injection
Refrence: GitHub
Habib0x0
Atlassian Confluence- Unauthenticated OGNL injection vulnerability (RCE)
Refrence: GitHub
Y000o
Refrence: GitHub
redhuntlabs
Atlassian confluence unauthenticated ONGL injection remote code execution scanner (CVE-2022-26134).
Refrence: GitHub
cai-niao98
CVE-2022-26134
Refrence: GitHub
sunny-kathuria
CVE-2022-26134, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. This is CVE-2022-26134 expoitation script
Refrence: GitHub
KeepWannabe
[CVE-2022-26134] Attlasian Confluence RCE
Refrence: GitHub
Chocapikk
CVE-2022-26134 - Pre-Auth Remote Code Execution via OGNL Injection
Refrence: GitHub
AmoloHT
「💥」CVE-2022-26134 - Confluence Pre-Auth RCE
Refrence: GitHub
kh4sh3i
[PoC] Atlassian Confluence (CVE-2022-26134) - Unauthenticated OGNL injection vulnerability (RCE)
Refrence: GitHub
ColdFusionX
Atlassian Confluence OGNL Injection Remote Code Execution (RCE) Vulnerability (CVE-2022-26134)
Refrence: GitHub
Luchoane
PoC for exploiting CVE-2022-26134 on Confluence
Refrence: GitHub
r1skkam
Atlassian, CVE-2022-26134 An interactive lab showcasing the Confluence Server and Data Center un-authenticated RCE vulnerability.
Refrence: GitHub
nxtexploit
Atlassian Confluence (CVE-2022-26134) - Unauthenticated Remote code execution (RCE)
Refrence: GitHub
Debajyoti0-0
Atlassian Confluence (CVE-2022-26134) - Unauthenticated OGNL injection vulnerability (RCE).
Refrence: GitHub
f4yd4-s3c
Refrence: GitHub
coskper-papa
confluence rce
Refrence: GitHub
p4b3l1t0
This is a python script that can be used with Shodan CLI to mass hunting Confluence Servers vulnerable to CVE-2022-26134
Refrence: GitHub
twoning
CVE-2022-26134-PoC
Refrence: GitHub
iveresk
Just simple PoC for the Atlassian Jira exploit. Provides code execution for unauthorised user on a server.
Refrence: GitHub
keven1z
远程攻击者在Confluence未经身份验证的情况下,可构造OGNL表达式进行注入,实现在Confluence Server或Data Center上执行任意代码,在现有脚本上修改了poc,方便getshell。
Refrence: GitHub
shiftsansan
CVE-2022-26134-Console
Refrence: GitHub
1337in
CVE-2022-26134 web payload
Refrence: GitHub
skhalsa-sigsci
Detecting CVE-2022-26134 using Nuclei
Refrence: GitHub
yigexioabai
Refrence: GitHub
kailing0220
在受影响的Confluence Server 和Data Center 版本中,存在一个OGNL 注入漏洞,该漏洞允许未经身份验证的攻击者在Confluence Server 或Data Center 服务器上执行任意代码。
Refrence: GitHub
xanszZZ
批量检测CVE-2022-26134 RCE漏洞
Refrence: GitHub
kelemaoya
Confluence Server and Data Center存在一个远程代码执行漏洞,未经身份验证的攻击者可以利用该漏洞向目标服务器注入恶意ONGL表达式,进而在目标服务器上执行任意代码。
Refrence: GitHub
CJ-0107
cve-2022-26134
Refrence: GitHub
latings
CVE-2022-26134
Refrence: GitHub
yyqxi
CVE-2022-26134poc
Refrence: GitHub
b4dboy17
Refrence: GitHub
wjlin0
CVE-2022-26134 GO POC 练习
Refrence: GitHub
cbk914
Refrence: GitHub
MaskCyberSecurityTeam
Refrence: GitHub
Muhammad-Ali007
Confluence Pre-Auth Remote Code Execution via OGNL Injection (CVE-2022-26134)
Refrence: GitHub
acfirthh
A PoC for CVE-2022-26134 for Educational Purposes and Security Research
Refrence: GitHub
yTxZx
Refrence: GitHub
DARKSTUFF-LAB
Refrence: GitHub
404fu
Refrence: GitHub
Content on GitHub
0x14dli | watchers:36
cve2022-26134exp
cve2022-26134
Refrence: GitHub
murataydemir | watchers:2
CVE-2022-26134
[CVE-2022-26134] Confluence Pre-Auth Object-Graph Navigation Language (OGNL) Injection
Refrence: GitHub
5l1v3r1 | watchers:0
CVE-2022-26141
CVE-2022-26134 - Pre-Auth Remote Code Execution via OGNL Injection
Refrence: GitHub