CVE-2021-26084 PoC — Atlassian Confluence Server 注入漏洞

Source

https://github.com/prettyrecon/CVE-2021-26084_Confluence

Associated Vulnerability

Title:Atlassian Confluence Server 注入漏洞 (CVE-2021-26084)
Description:In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are before version 6.13.23, from version 6.14.0 before 7.4.11, from version 7.5.0 before 7.11.6, and from version 7.12.0 before 7.12.5.

Description

CVE-2021-26084 - Confluence Pre-Auth RCE  OGNL injection 回显

Readme

# CVE-2021-26084 - Confluence Pre-Auth RCE  OGNL injection
### Usage

- ```
  usage: cve-2021-26084_confluence_rce.py [-h] --url URL [--cmd CMD] [--shell]
  
  CVE-2021-26084 - Confluence Pre-Auth RCE OGNL injection
  
  optional arguments:
    -h, --help         show this help message and exit
    --url URL, -u URL  Target Url
    --cmd CMD, -c CMD  Command
    --shell            Get shell
  ```

- ```
  python3 cve-2021-26084_confluence_rce.py -u http://target:8090 -c "whoami"
  ```

  ![1630484082986](img/1630484082986.png)

- ```
  python3 cve-2021-26084_confluence_rce.py -u http://target:8090 -c "cmd.exe /c dir"
  ```

  ![1630484112292](img/1630484112292.png)



### Reference:

https://github.com/httpvoid/writeups/blob/main/Confluence-RCE.md

File Snapshot


 [4.0K]  /data/pocs/eee577351090d098fa91dec09d4a9ef6ab3a6cfa
├── [2.6K]  cve-2021-26084_confluence_rce.py
├── [4.0K]  img
│   ├── [ 11K]  1630484082986.png
│   └── [ 38K]  1630484112292.png
└── [ 757]  README.md

1 directory, 4 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!