Lucene search

Basic search
Lucene search
Search by product

Database

Vendors

9408CE26-37BB-5A4C-9440-BAB53E658A12

HistoryDec 29, 2023 - 6:51 a.m.

Exploit for Expression Language Injection in Atlassian Confluence Data Center

2023-12-2906:51:38

180

atlassian

vulnerability

ognl injection

remote code execution

unauthenticated user

confluence server

data center

security advisory

arbitrary code execution

exploit

cve-2022-26134

remote exploitation

risk mitigation

demo

python3

burprequest

request example

exploit usage

ognl expression

references

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.975 High

EPSS

Percentile

100.0%

JSON

Confluence Pre-Auth Remote Code Execution via OGNL Injection (…

This is an article that belongs to githubexploit private collection.
Please sign in to get more Information.

threatpost 2

checkpoint_advisories 1

hivepro 1

githubexploit 56

cisa 3

thn 14

malwarebytes 4

trendmicroblog 1

metasploit 1

nuclei 1

packetstorm 2

nessus 3

qualysblog 4

cisa_kev 1

cve 1

zdt 3

akamaiblog 3

wallarmlab 1

atlassian 2

impervablog 4

prion 1

ubuntucve 1

exploitdb 1

mssecure 1

mmpc 1

avleonov 2

kitploit 1

rapid7blog 7

trellix 2

attackerkb 1

github 1

googleprojectzero 1

ics 2

threatpost

DragonForce Gang Unleash Hacks Against Govt. of India

2022-06-15 13:59:37

Attackers Use Public Exploits to Throttle Atlassian Confluence Flaw

2022-06-07 11:21:47

checkpoint_advisories

Atlassian Confluence Remote Code Execution (CVE-2022-26134)

2022-06-06 00:00:00

hivepro

Vulnerable Atlassian Confluence Servers utilized to drop Crypto Miners

2022-09-29 06:56:17

githubexploit

Exploit for Injection in Atlassian Confluence Data Center

2022-06-07 19:59:55

Exploit for Injection in Atlassian Confluence Data Center

2022-06-12 21:26:17

Exploit for Expression Language Injection in Atlassian Confluence Data Center

2022-06-04 10:44:38

cisa

CISA Adds One Known Exploited Vulnerability (CVE-2022-26134) to Catalog  

2022-06-02 00:00:00

Atlassian Releases New Versions of Confluence Server and Data Center to Address CVE-2022-26134

2022-06-03 00:00:00

Atlassian Releases Security Advisory for Confluence Server and Data Center, CVE-2022-26134

2022-06-02 00:00:00

thn

This Cloud Botnet Has Hijacked 30,000 Systems to Mine Cryptocurrencies

2022-07-20 11:44:00

Atlassian Releases Patch for Confluence Zero-Day Flaw Exploited in the Wild

2022-06-04 08:57:00

Hackers Targeting WebLogic Servers and Docker APIs for Mining Cryptocurrencies

2022-09-16 10:58:00

malwarebytes

[updated]Unpatched Atlassian Confluence vulnerability is actively exploited

2022-06-03 14:41:58

“Multiple adversaries” exploiting Confluence vulnerability, warns Microsoft

2022-06-14 12:43:08

2022's most routinely exploited vulnerabilities—history repeats

2023-08-07 18:30:00

trendmicroblog

Atlassian Confluence Vulnerability CVE-2022-26134 Abused For Cryptocurrency Mining, Other Malware

2022-09-21 00:00:00

metasploit

Atlassian Confluence Namespace OGNL Injection

2022-06-03 19:27:13

nuclei

Confluence - Remote Code Execution

2022-06-03 20:11:56

packetstorm

Confluence OGNL Injection Remote Code Execution

2022-06-07 00:00:00

Atlassian Confluence Namespace OGNL Injection

2022-06-08 00:00:00

nessus

Atlassian Confluence Command Injection (CVE-2022-26134) (Direct Check)

2022-06-14 00:00:00

Atlassian Confluence Command Injection (CVE-2022-26134)

2022-06-03 00:00:00

Atlassian Confluence Command Injection (CONFSERVER-79016)

2023-01-04 00:00:00

qualysblog

Atlassian Confluence OGNL Injection Remote Code Execution (RCE) Vulnerability (CVE-2022-26134)

2022-06-29 20:23:28

Atlassian Confluence: Questions for Confluence App Hardcoded Credentials Vulnerability (CVE-2022-26138)

2022-08-17 10:12:53

Qualys Tackles 2022’s Top Routinely Exploited Cyber Vulnerabilities

2023-08-24 19:07:05

cisa_kev

Atlassian Confluence Server and Data Center Remote Code Execution Vulnerability

2022-06-02 00:00:00

cve

CVE-2022-26134

2022-06-03 22:15:00

zdt

Confluence Data Center 7.18.0 - Remote Code Execution Exploit

2022-06-10 00:00:00

Confluence OGNL Injection Remote Code Execution Exploit

2022-06-07 00:00:00

Atlassian Confluence Namespace OGNL Injection Exploit

2022-06-09 00:00:00

akamaiblog

Akamai?s Observations of Confluence Zero Day (CVE-2022-26134)

2022-06-28 13:00:00

Akamai Protects Against the Atlassian Confluence 0-Day (CVE-2022-26134)

2022-06-03 09:00:52

Akamai?s Observations of Confluence Zero Day (CVE-2022-26134)

2022-06-28 13:00:00

wallarmlab

Update on the Confluence 0-day vulnerability (CVE-2022-26134)

2022-06-03 20:50:59

atlassian

Unauthenticated remote code execution vulnerability via OGNL template injection - Duplicate

2022-06-02 03:36:35

Remote code execution via OGNL injection in Confluence Server & Data Center - CVE-2022-26134

2022-06-03 20:08:07

impervablog

Imperva Earns Three Cyber Defense Global InfoSec Awards for 2022

2022-07-26 13:16:19

Imperva Customers are protected from Atlassian Confluence CVE-2022-26134

2022-06-04 22:05:24

Attackers Quick to Weaponize CVE-2023-22527 for Malware Delivery

2024-02-21 09:28:01

prion

Code injection

2022-06-03 22:15:00

ubuntucve

CVE-2022-26134

2022-06-03 00:00:00

exploitdb

Confluence Data Center 7.18.0 - Remote Code Execution (RCE)

2022-06-10 00:00:00

mssecure

Peach Sandstorm password spray campaigns enable intelligence collection at high-value targets

2023-09-14 16:30:00

mmpc

Peach Sandstorm password spray campaigns enable intelligence collection at high-value targets

2023-09-14 16:30:00

avleonov

Vulnerability Management news and publications #1

2022-07-06 12:13:56

Joint Advisory AA22-279A and Vulristics

2022-10-21 20:10:13

kitploit

confluencePot - Simple Honeypot For Atlassian Confluence (CVE-2022-26134)

2022-06-13 12:30:00

rapid7blog

Metasploit Weekly Wrap-Up

2022-06-10 18:07:05

Active Exploitation of Confluence CVE-2022-26134

2022-06-02 23:27:15

Active Exploitation of Atlassian’s Questions for Confluence App CVE-2022-26138

2022-07-27 19:26:38

trellix

The Bug Report – June 2022 Edition

2022-07-06 00:00:00

The Bug Report – June 2022 Edition

2022-07-06 00:00:00

attackerkb

CVE-2022-26134

2022-07-13 00:00:00

github

Bypassing OGNL sandboxes for fun and charities

2023-01-27 16:00:49

googleprojectzero

2022 0-day In-the-Wild Exploitation…so far

2022-06-30 00:00:00

ics

Top CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors

2022-10-06 12:00:00

2022 Top Routinely Exploited Vulnerabilities

2023-08-03 12:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
OpenSource

@2024 Vulners Inc

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.975 High

EPSS

Percentile

100.0%

JSON

Related for 9408CE26-37BB-5A4C-9440-BAB53E658A12