Lucene search
+L

39 matches found

Information Security Automation
Information Security Automation
added 2022/10/21 8:10 p.m.161 views

Joint Advisory AA22-279A and Vulristics

Hello everyone! This episode will be about the new hot twenty vulnerabilities from CISA, NSA and FBI, Joint cybersecurity advisory CSA AA22-279A, and how I analyzed these vulnerabilities using my open source project Vulristics. Alternative video link for Russia: Americans cant just release a list...

10CVSS1.1AI score0.99999EPSS
Exploits973
0day.today
0day.today
added 2022/06/09 12:0 a.m.876 views

Atlassian Confluence Namespace OGNL Injection Exploit

This Metasploit module exploits an OGNL injection in Atlassian Confluence servers. A specially crafted URI can be used to evaluate an OGNL expression resulting in OS command execution. This module requires Metasploit: https://metasploit.com/download Current source:...

9.8CVSS0.4AI score0.99999EPSS
Exploits116
Packet Storm
Packet Storm
added 2022/06/08 12:0 a.m.1043 views

Atlassian Confluence Namespace OGNL Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Atlassian Confluence Namespace OGNL Injection', 'Description' = %q This module exploits an OGNL injection in Atlassian Confluence servers. A...

9.8CVSS9AI score0.99999EPSS
Exploits116
GithubExploit
GithubExploit
added 2022/01/13 6:29 a.m.7 views

Exploit for Expression Language Injection in Atlassian Confluence_Data_Center

This is a PoC exploit for CVE-2021-26084, a pre-auth RCE injecti...

9.8CVSS9.3AI score0.99999EPSS
Exploits45
hivepro
hivepro
added 2021/12/14 1:50 p.m.394 views

Cerber targeting organizations with publicly available exploits

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. Cerber, ransomware that mysteriously vanished in 2019, has reappeared with a new encryption. The new cerber includes fresh source code and makes use of the new library Crypto+++, whereas the previous form made use of Windows...

7.5CVSS2.1AI score0.99999EPSS
Exploits75
Metasploit
Metasploit
added 2021/10/28 5:51 p.m.341 views

Atlassian Confluence WebWork OGNL Injection

This module exploits an OGNL injection in Atlassian Confluence's WebWork component to execute commands as the Tomcat user. Module Options msf use exploit/multi/http/atlassianconfluencewebworkognlinjection msf exploitatlassianconfluencewebworkognlinjection show targets ...targets... msf...

9.8CVSS8.7AI score0.99999EPSS
Exploits45
GithubExploit
GithubExploit
added 2021/10/26 6:1 a.m.608 views

Exploit for Expression Language Injection in Atlassian Confluence_Data_Center

CVE-2021-26084 CVE-2021-26084,Atlassian Confluence OGNL注入漏洞 A...

9.8CVSS8.8AI score0.99999EPSS
Exploits45
Trend Micro Simply Security
Trend Micro Simply Security
added 2021/10/18 12:0 a.m.345 views

Tracking CVE-2021-26084 and Other Server-Based Vulnerability Exploits via Trend Micro Cloud One and Trend Micro Vision One

We look into campaigns that exploit the following server vulnerabilities: CVE-2021-26084, CVE-2020-14882, CVE-2020-14750, and CVE-2020-14883...

10CVSS3.6AI score0.99999EPSS
Exploits90
Trend Micro Simply Security
Trend Micro Simply Security
added 2021/10/18 12:0 a.m.76 views

Tracking CVE-2021-26084 and Other Server-Based Vulnerability Exploits via Trend Micro Cloud One and Trend Micro Vision One

We look into campaigns that exploit the following server vulnerabilities: CVE-2021-26084, CVE-2020-14882, CVE-2020-14750, and CVE-2020-14883...

10CVSS8.6AI score0.99999EPSS
Exploits90
The Hacker News
The Hacker News
added 2021/09/28 3:31 p.m.193 views

Atlassian Confluence RCE Flaw Abused in Multiple Cyberattack Campaigns

Opportunistic threat actors have been found actively exploiting a recently disclosed critical security flaw in Atlassian Confluence deployments across Windows and Linux to deploy web shells that result in the execution of crypto miners on compromised systems. Tracked as CVE-2021-26084 CVSS score:...

9.8CVSS0.3AI score0.99999EPSS
Exploits45
Trend Micro Simply Security
Trend Micro Simply Security
added 2021/09/21 12:0 a.m.104 views

Cryptominer z0Miner Uses Newly Discovered Vulnerability CVE-2021-26084 to Its Advantage

Recently, we discovered that the cryptomining trojan z0Miner has been taking advantage of the Atlassian’s Confluence remote code execution RCE vulnerability assigned as CVE-2021-26084, which was disclosed by Atlassian in August...

7.5CVSS3.9AI score0.99999EPSS
Exploits45
GithubExploit
GithubExploit
added 2021/09/18 7:33 a.m.120 views

Exploit for Expression Language Injection in Atlassian Confluence_Data_Center

CVE-2021-26084...

9.8CVSS8.7AI score0.99999EPSS
Exploits45
Akamai Blog
Akamai Blog
added 2021/09/15 7:0 a.m.151 views

Confluence Server Webwork OGNL Injection (CVE-2021-26084): How Akamai Helps You Protect Against Zero-Day Attacks

Recently Atlassian has disclosed a critical RCE Remote Code Execution vulnerability in its Confluence server and Data Center products CVE-2021-26084, which might allow unauthenticated users to execute arbitrary code on vulnerable servers...

7.5CVSS6.1AI score0.99999EPSS
Exploits45
Akamai Blog
Akamai Blog
added 2021/09/15 7:0 a.m.133 views

Confluence Server Webwork OGNL Injection (CVE-2021-26084): How Akamai Helps You Protect Against Zero-Day Attacks

Recently Atlassian has disclosed a critical RCE Remote Code Execution vulnerability in its Confluence server and Data Center products CVE-2021-26084, which might allow unauthenticated users to execute arbitrary code on vulnerable servers...

9.8CVSS6.1AI score0.99999EPSS
Exploits45
0day.today
0day.today
added 2021/09/10 12:0 a.m.1627 views

Atlassian Confluence WebWork OGNL Injection Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Atlassian Confluence WebWork OGNL Injection', 'Description' = %q This module exploits an OGNL injection in Atlassian Confluence's WebWork compone...

9.8CVSS8.8AI score0.99999EPSS
Exploits45
Packet Storm
Packet Storm
added 2021/09/10 12:0 a.m.589 views

Atlassian Confluence WebWork OGNL Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Atlassian Confluence WebWork OGNL Injection', 'Description' = %q This module exploits an OGNL injection in Atlassian Confluence's WebWork compone...

7.5CVSS8.7AI score0.99999EPSS
Exploits45
The Hacker News
The Hacker News
added 2021/09/07 10:5 a.m.93 views

Latest Atlassian Confluence Flaw Exploited to Breach Jenkins Project Server

The maintainers of Jenkins—a popular open-source automation server software—have disclosed a security breach after unidentified threat actors gained access to one of their servers by exploiting a recently disclosed vulnerability in Atlassian Confluence service to install a cryptocurrency miner. T...

9.8CVSS2.2AI score0.99999EPSS
Exploits45
GithubExploit
GithubExploit
added 2021/09/05 9:27 a.m.146 views

Exploit for Expression Language Injection in Atlassian Confluence_Data_Center

CVE-2021-26084 An OGNL injection vulnerability exists that...

9.8CVSS9.1AI score0.99999EPSS
Exploits45
GithubExploit
GithubExploit
added 2021/09/04 2:53 p.m.131 views

Exploit for Expression Language Injection in Atlassian Confluence_Data_Center

confluence-rce-poc Setting up...

9.8CVSS8.8AI score0.99999EPSS
Exploits45
The Hacker News
The Hacker News
added 2021/09/04 7:19 a.m.124 views

U.S. Cyber Command Warns of Ongoing Attacks Exploiting Atlassian Confluence Flaw

The U.S. Cyber Command on Friday warned of ongoing mass exploitation attempts in the wild targeting a now-patched critical security vulnerability affecting Atlassian Confluence deployments that could be abused by unauthenticated attackers to take control of a vulnerable system. "Mass exploitation...

9.8CVSS2.1AI score0.99999EPSS
Exploits45
Rows per page
Query Builder