Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
githubexploit3926D602-9F67-5EF7-B2D1-A6B2716E1DF5
HistoryOct 06, 2021 - 11:24 p.m.

Exploit for Injection in Atlassian Confluence

2021-10-0623:24:24
234

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

JSON

CVE-2021-26084

Introduction

This write-up provides an over…

This is an article that belongs to githubexploit private collection.
Please sign in to get more Information.

Related

githubexploit 35
rapid7blog 5
attackerkb 7
ibm 8
qualysblog 8
openvas 3
metasploit 2
talosblog 1
cisco 1
kitploit 5
nuclei 2
threatpost 23
osv 2
nessus 9
akamaiblog 3
prion 2
zdt 7
veracode 1
exploitpack 1
packetstorm 6
dsquare 1
redhatcve 1
myhack58 3
github 2
checkpoint_advisories 2
ubuntucve 1
f5 1
krebs 1
impervablog 7
cve 2
cisa_kev 2
trendmicroblog 4
cisa 1
atlassian 3
thn 14
hackerone 2
exploitdb 3
malwarebytes 4
hivepro 1
mssecure 2
mmpc 2
avleonov 2
fireeye 1
googleprojectzero 1
ics 3
securelist 1
oracle 1
githubexploit
githubexploit
Exploit for Injection in Atlassian Confluence
2021-10-06 23:24:24
Exploit for Injection in Atlassian Confluence
2021-10-06 23:24:24
Exploit for Injection in Atlassian Confluence
2021-09-07 01:15:16
rapid7blog
rapid7blog
Active Exploitation of Confluence CVE-2022-26134
2022-06-02 23:27:15
Metasploit Wrap-Up
2021-10-22 14:25:55
Active Exploitation of Confluence Server & Confluence Data Center: CVE-2021-26084
2021-09-02 15:44:36
attackerkb
attackerkb
CVE-2022-26134
2022-07-13 00:00:00
CVE-2018-11776
2018-08-22 00:00:00
CVE-2021-26084 Confluence Server OGNL injection
2021-08-10 00:00:00
ibm
ibm
Security Bulletin: Public disclosed vulnerability from Apache Struts affects IBM Platform Application Center
2018-09-25 13:15:02
Security Bulletin: Public disclosed vulnerability from Apache Struts affects IBM Spectrum LSF Explorer
2018-09-25 13:15:02
Security Bulletin: Vulnerability in Apache Struts affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products (CVE-2018-11776)
2023-03-29 01:48:02
qualysblog
qualysblog
Security News: Hackers Aim Ransomware at Big Cos., as Experts Call for Swift Patching of Struts Bug
2018-08-27 18:32:33
Detecting Apache Struts 2 Namespace RCE: CVE-2018-11776
2018-08-23 20:27:19
Qualys Tackles 2022’s Top Routinely Exploited Cyber Vulnerabilities
2023-08-24 19:07:05
openvas
openvas
Huawei Data Communication: Apache Struts2 S2-057 Remote Code Execution Vulnerability in Some Huawei Products (huawei-sa-20181121-01-struts2)
2020-06-05 00:00:00
Apache Struts2 Remote Code Execution Vulnerability (S2-057)
2018-08-23 00:00:00
Apache Struts2 Remote Code Execution Vulnerability (S2-057) (Active Check)
2018-08-27 00:00:00
metasploit
metasploit
Apache Struts 2 Namespace Redirect OGNL Injection
2018-08-31 18:48:22
Atlassian Confluence WebWork OGNL Injection
2021-10-14 21:58:04
talosblog
talosblog
Connecting the dots between recently active cryptominers
2018-12-18 08:33:00
cisco
cisco
Apache Struts Remote Code Execution Vulnerability Affecting Cisco Products: August 2018
2018-08-23 20:00:00
kitploit
kitploit
Mitaka - A Browser Extension For OSINT Search
2019-09-21 12:00:00
Apache Struts v3 - Tool To Exploit 3 RCE Vulnerabilities On ApacheStruts
2018-08-26 21:14:00
Sn1per v7.0 - Automated Pentest Framework For Offensive Security Experts
2019-05-12 13:09:00
nuclei
nuclei
Apache Struts2 S2-057 - Remote Code Execution
2021-02-24 04:29:30
Confluence Server - Remote Code Execution
2021-08-31 20:40:27
threatpost
threatpost
GitHub Code Execution Bug Fetches $18,000 Bounty
2017-03-17 09:00:04
Protecting Cloud APIs Critical to Mitigating Total Compromise
2016-05-19 14:20:22
Gitrob Combs Github Repositories for Secret Company Data
2015-01-13 12:55:07
osv
osv
Apache Struts vulnerable to remote command execution (RCE) due to improper input validation
2018-10-18 19:24:38
CVE-2018-11776
2018-08-22 13:29:00
nessus
nessus
Apache Struts CVE-2018-11776 Results With No Namespace Possible Remote Code Execution (S2-057)
2018-08-22 00:00:00
Apache Struts CVE-2018-11776 Results With No Namespace Remote Code Execution (S2-057) (remote)
2018-08-23 00:00:00
Cisco Unified Communication Manager Apache Struts RCE (CSCvm14042)
2018-09-05 00:00:00
akamaiblog
akamaiblog
Web Application and API Protection -- From SQL Injection to Magecart
2020-09-09 13:00:00
Confluence Server Webwork OGNL Injection (CVE-2021-26084): How Akamai Helps You Protect Against Zero-Day Attacks
2021-09-15 07:00:00
Confluence Server Webwork OGNL Injection (CVE-2021-26084): How Akamai Helps You Protect Against Zero-Day Attacks
2021-09-15 07:00:00
prion
prion
Remote code execution
2018-08-22 13:29:00
Code injection
2021-08-30 07:15:00
zdt
zdt
Apache Struts 2.x Remote Code Execution Vulnerability
2018-08-24 00:00:00
Apache Struts 2.3 < 2.3.34 / 2.5 < 2.5.16 - Remote Code Execution (1) Exploit
2018-08-28 00:00:00
Apache Struts 2.3 < 2.3.34 / 2.5 < 2.5.16 - Remote Code Execution (2) Exploit
2018-08-28 00:00:00
veracode
veracode
Remote Code Execution (RCE)
2018-08-22 17:36:38
exploitpack
exploitpack
Apache Struts 2.3 2.3.34 2.5 2.5.16 - Remote Code Execution (1)
2018-08-26 00:00:00
packetstorm
packetstorm
Apache Struts 2.3 / 2.5 Remote Code Execution
2018-08-26 00:00:00
Apache Struts 2 Namespace Redirect OGNL Injection
2018-09-07 00:00:00
Apache Struts 2.3 / 2.5 Remote Code Execution
2018-08-25 00:00:00
dsquare
dsquare
Apache Struts 2 Multiple Tags Result Namespace Handling RCE
2018-10-20 00:00:00
redhatcve
redhatcve
CVE-2018-11776
2018-08-22 08:49:33
myhack58
myhack58
Apache Struts2 S2-057 vulnerability analysis and early warning-vulnerability warning-the black bar safety net
2018-08-23 00:00:00
Apache Struts OGNL injection vulnerability principle with an example-vulnerability warning-the black bar safety net
2019-03-30 00:00:00
S2-057 vulnerability in the original author's README: how to use automated tools find 5 RCE-vulnerability warning-the black bar safety net
2018-08-23 00:00:00
github
github
Apache Struts vulnerable to remote command execution (RCE) due to improper input validation
2018-10-18 19:24:38
Bypassing OGNL sandboxes for fun and charities
2023-01-27 16:00:49
checkpoint_advisories
checkpoint_advisories
Apache Struts Remote Code Execution (CVE-2018-11776)
2018-08-23 00:00:00
Atlassian Confluence Remote Code Execution (CVE-2021-26084)
2021-09-05 00:00:00
ubuntucve
ubuntucve
CVE-2018-11776
2018-08-22 00:00:00
f5
f5
K60499474 : Apache Struts vulnerability CVE-2018-11776
2018-08-24 00:00:00
krebs
krebs
Experts Urge Rapid Patching of ‘Struts’ Bug
2018-08-23 20:22:35
impervablog
impervablog
Read: Apache Struts Patches ‘Critical Vulnerability’ CVE-2018-11776
2018-08-23 14:25:36
2021 in Review, Part 2: 5 Top Cybersecurity Stories
2021-12-29 12:03:19
New Sysrv Botnet Variant Makes Use of Google Subdomain to Spread XMRig Miner
2024-03-20 16:56:29
cve
cve
CVE-2018-11776
2018-08-22 13:29:00
CVE-2021-26084
2021-08-30 07:15:00
cisa_kev
cisa_kev
Apache Struts Remote Code Execution Vulnerability
2021-11-03 00:00:00
Atlassian Confluence Server and Data Center Object-Graph Navigation Language (OGNL) Injection Vulnerability
2021-11-03 00:00:00
trendmicroblog
trendmicroblog
Server Security for the Modern IT Ecosystem
2019-01-03 15:30:46
Cryptominer z0Miner Uses Newly Discovered Vulnerability CVE-2021-26084 to Its Advantage
2021-09-21 00:00:00
Tracking CVE-2021-26084 and Other Server-Based Vulnerability Exploits via Trend Micro Cloud One and Trend Micro Vision One
2021-10-18 00:00:00
cisa
cisa
Atlassian Releases Security Updates for Confluence Server and Data Center
2021-09-03 00:00:00
atlassian
atlassian
Confluence Server Webwork OGNL injection - CVE-2021-26084
2021-07-27 05:13:48
RCE on Confluence Data Center via OGNL Injection - CVE-2021-39114
2021-08-27 03:55:57
Confluence Server Webwork OGNL injection - CVE-2021-26084
2021-07-27 05:13:48
thn
thn
U.S. Cyber Command Warns of Ongoing Attacks Exploiting Atlassian Confluence Flaw
2021-09-04 07:19:00
Atlassian Confluence RCE Flaw Abused in Multiple Cyberattack Campaigns
2021-09-28 15:31:00
Latest Atlassian Confluence Flaw Exploited to Breach Jenkins Project Server
2021-09-07 10:05:00
hackerone
hackerone
U.S. Dept Of Defense: RCE on ███████ [CVE-2021-26084]
2021-09-02 02:58:10
U.S. Dept Of Defense: RCE in ███ [CVE-2021-26084]
2021-09-02 05:49:27
exploitdb
exploitdb
Apache Struts 2 - Namespace Redirect OGNL Injection (Metasploit)
2018-09-10 00:00:00
Apache Struts 2.3 &lt; 2.3.34 / 2.5 &lt; 2.5.16 - Remote Code Execution (1)
2018-08-26 00:00:00
Confluence Server 7.12.4 - &#039;OGNL injection&#039; Remote Code Execution (RCE) (Unauthenticated)
2021-09-01 00:00:00
malwarebytes
malwarebytes
Update now! Atlassian Confluence vulnerability is being actively exploited
2023-10-12 04:00:00
The top 5 most routinely exploited vulnerabilities of 2021
2022-04-29 16:28:20
2022's most routinely exploited vulnerabilities—history repeats
2023-08-07 18:30:00
hivepro
hivepro
Cerber targeting organizations with publicly available exploits
2021-12-14 13:50:15
mssecure
mssecure
Cadet Blizzard emerges as a novel and distinct Russian threat actor
2023-06-14 16:00:00
Guidance for preventing, detecting, and hunting for exploitation of the Log4j 2 vulnerability
2021-12-12 05:29:03
mmpc
mmpc
Cadet Blizzard emerges as a novel and distinct Russian threat actor
2023-06-14 16:00:00
Guidance for preventing, detecting, and hunting for exploitation of the Log4j 2 vulnerability
2021-12-12 05:29:03
avleonov
avleonov
Security News: Microsoft Patch Tuesday September 2021, OMIGOD, MSHTML RCE, Confluence RCE, Ghostscript RCE, FORCEDENTRY Pegasus
2021-09-18 23:22:00
Joint Advisory AA22-279A and Vulristics
2022-10-21 20:10:13
fireeye
fireeye
Think Fast: Time Between Disclosure, Patch Release and Vulnerability Exploitation — Intelligence for Vulnerability Management, Part Two
2020-04-13 00:00:00
googleprojectzero
googleprojectzero
2022 0-day In-the-Wild Exploitation…so far
2022-06-30 00:00:00
ics
ics
Top CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors
2022-10-06 12:00:00
2021 Top Routinely Exploited Vulnerabilities
2022-04-28 12:00:00
2022 Top Routinely Exploited Vulnerabilities
2023-08-03 12:00:00
securelist
securelist
IT threat evolution in Q3 2021. PC statistics
2021-11-26 12:00:36
oracle
oracle
Oracle Critical Patch Update Advisory - January 2019
2019-01-15 00:00:00

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

JSON
Related for 3926D602-9F67-5EF7-B2D1-A6B2716E1DF5
githubexploit35rapid7blog5attackerkb7ibm8qualysblog8openvas3metasploit2talosblog1cisco1kitploit5nuclei2threatpost23osv2nessus9akamaiblog3prion2zdt7veracode1exploitpack1packetstorm6dsquare1redhatcve1myhack583github2checkpoint_advisories2ubuntucve1f51krebs1impervablog7cve2cisa_kev2trendmicroblog4cisa1atlassian3thn14hackerone2exploitdb3malwarebytes4hivepro1mssecure2mmpc2avleonov2fireeye1googleprojectzero1ics3securelist1oracle1