Confluence Server and Data Center - CVE-2022-26134 - Critical severity unauthenticated remote code execution vulnerability PoC
Atlassian rates the severity level of this vulnerability as critical, according to the scale published in Atlassian severity levels. All versions of Confluence Server and Data Center prior to the fixed versions listed above are affected by this vulnerability.
Released versions 7.4.17, 7.13.7, 7.14.3, 7.15.2, 7.16.4, 7.17.4 and 7.18.1 contain a fix for this issue.
git clone https://github.com/shamo0/CVE-2022-26134.git
cd CVE-2022-26134
python3 exploit.py https://target.com CMD
https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html
https://github.com/Nwqda/CVE-2022-26134
https://jira.atlassian.com/browse/CONFSERVER-79016
https://bugalert.org/content/notices/2022-06-02-confluence.html