CVE-2022-26134 – OGNL injection vulnerability
PoC script that exploits the remote code execution vulnerability affecting Atlassian Confluence products 7.18.1 and under. The OGNL injection vulnerability allows an unauthenticated user to execute arbitrary code on a Confluence Server or Data Center instance.
All supported versions of Confluence Server and Data Center are affected. Confluence Server and Data Center versions after 1.3.0 are affected.
Requirements:
- Python 3.3+
- The dependencies can be satisfied via pip install -r requirements.txt
How to use:
- Clone the repo
    git clone https://github.com/Nwqda/CVE-2022-26134
    cd CVE-2022-26134
- Run exploit
    python3 cve-2022-26134.py https://target.com CMD
    python3 cve-2022-26134.py https://target.com id
    python3 cve-2022-26134.py https://target.com "ps aux"
Mitigation:
Follow the official instructions from Atlassian: https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html
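For checking whether an instance was probed before it was patched, the following is an added example (not part of this repository or of Atlassian's guidance) that scans web access logs for OGNL expression delimiters in the request URI. It assumes common/combined log format and that the expression shows up as a `${...}` sequence in the URI, possibly URL-encoded more than once; the log lines, addresses and function names are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Request portion of a common/combined-format access log line (assumed format).
REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) .*?"(?P<method>[A-Z]+) (?P<uri>\S+) HTTP/[\d.]+" (?P<status>\d{3})'
)
# OGNL expression delimiters as they appear once the URI is decoded.
OGNL_RE = re.compile(r"\$\{.*?\}", re.S)

def decode_fully(uri, max_rounds=3):
    """URL-decode repeatedly so double-encoded delimiters are exposed too."""
    for _ in range(max_rounds):
        decoded = unquote(uri)
        if decoded == uri:
            break
        uri = decoded
    return uri

def find_ognl_requests(lines):
    """Return one dict per log line whose decoded URI contains ${...}."""
    hits = []
    for line in lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue  # not a parseable request line
        uri = decode_fully(m.group("uri"))
        if OGNL_RE.search(uri):
            hits.append({"ip": m.group("ip"), "method": m.group("method"),
                         "status": int(m.group("status")), "uri": uri})
    return hits

# Constructed sample lines; the expression body is a harmless placeholder.
SAMPLE_LOG = [
    '203.0.113.7 - - [03/Jun/2022:10:01:12 +0000] "GET /%24%7BCONSTRUCTED_EXPRESSION%7D/ HTTP/1.1" 302 0',
    '198.51.100.4 - - [03/Jun/2022:10:02:40 +0000] "GET /pages/viewpage.action?pageId=1234 HTTP/1.1" 200 5120',
    '203.0.113.7 - - [03/Jun/2022:10:03:05 +0000] "GET /%2524%257BCONSTRUCTED_EXPRESSION%257D/ HTTP/1.1" 404 0',
    '198.51.100.9 - - [03/Jun/2022:10:04:00 +0000] "GET /display/DOCS/Price+%24+list HTTP/1.1" 200 2048',
]

if __name__ == "__main__":
    for hit in find_ognl_requests(SAMPLE_LOG):
        print(hit["ip"], hit["method"], hit["status"], hit["uri"])
```

A hit shows that a request carrying an expression reached the server, not that it was evaluated; correlate the source address and timestamp with process and file-system activity on the host.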
FOR EDUCATIONAL PURPOSES ONLY.