CVE-2022-26134 PoC — Atlassian Confluence Server 注入漏洞

Source

https://github.com/404fu/CVE-2022-26134-POC

Associated Vulnerability

Title:Atlassian Confluence Server 注入漏洞 (CVE-2022-26134)
Description:In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1.

Readme

# 描述：

**这是一款支持多线程批量探测Confluence OGNL注入漏洞（CVE-2022-26134）的脚本工具**

# 使用教程：
- url.txt文件内为目标地址
  
![image](https://github.com/404fu/CVE-2022-26134-POC/assets/144592414/d8cc8db4-7ae2-4e4c-acd1-19f71b3b9e13)

# 效果：
1.单独目标探测
![image](https://github.com/404fu/CVE-2022-26134-POC/assets/144592414/d185c88e-d744-484a-a701-6e7cf4ac80c9)

2.批量探测（**探测成功会在命令窗口中有黄色高亮回显**）
![image](https://github.com/404fu/CVE-2022-26134-POC/assets/144592414/7b3123ff-4fdd-452d-80e8-ad2c7cfef521)

# 免责声明：
**该工具只用于学习，请遵守网络安全法律法规，违法使用者与本开发者无关！！**

File Snapshot


 [4.0K]  /data/pocs/1cc544d66fcf1f1b9744b52ffd7a0dfa6983294b
├── [5.6K]  CVE-2022-26134.py
└── [ 742]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!