Lucene search
K

10 matches found

0day.today
0day.today
added 2024/07/15 12:0 a.m.273 views

Atlassian Confluence Administrator Code Macro Remote Code Execution Exploit

This Metasploit module exploits an authenticated administrator-level vulnerability in Atlassian Confluence, tracked as CVE-2024-21683. The vulnerability exists due to the Rhino script engine parser evaluating tainted data from uploaded text files. This facilitates arbitrary code execution. This...

8.8CVSS8.1AI score0.88267EPSS
Exploits9
Rapid7 Blog
Rapid7 Blog
added 2024/07/12 2:33 p.m.46 views

Metasploit Weekly Wrap-Up 07/12/2024

The Usual Suspects This release features two new exploits targeting old friends: Confluence and Ivanti. CVE-2024-21683 is a very easy vulnerability to exploit, but as pointed out in the AttackerKB Review, it requires authentication as a ‘Confluence Administrator.’ On the other hand, CVE-2024-2982...

8.8CVSS8.6AI score0.99951EPSS
Exploits14
Metasploit
Metasploit
added 2024/07/11 7:53 p.m.342 views

Atlassian Confluence Administrator Code Macro Remote Code Execution

This module exploits an authenticated administrator-level vulnerability in Atlassian Confluence, tracked as CVE-2024-21683. The vulnerability exists due to the Rhino script engine parser evaluating tainted data from uploaded text files. This facilitates arbitrary code execution. This exploit will...

8.8CVSS9.4AI score0.88267EPSS
Exploits9
Packet Storm
Packet Storm
added 2024/07/11 12:0 a.m.366 views

Atlassian Confluence Administrator Code Macro Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Atlassian Confluence Administrator Code Macro Remote Code Execution', 'Description' = %q This module exploits an authenticated administrator-leve...

8.8CVSS7AI score0.88267EPSS
Exploits9
GithubExploit
GithubExploit
added 2024/06/04 12:0 p.m.569 views

Exploit for Code Injection in Atlassian Confluence_Data_Center

CVE-2024-21683 21 мая 2024 года была зарегистрирована уязвимо...

8.8CVSS8.8AI score0.88267EPSS
Exploits9
GithubExploit
GithubExploit
added 2024/05/27 11:14 a.m.634 views

Exploit for Code Injection in Atlassian Confluence_Data_Center

Usage python poc.py -u http://localhost:8090...

8.8CVSS8.8AI score0.88267EPSS
Exploits9
GithubExploit
GithubExploit
added 2024/05/24 5:38 a.m.74 views

Exploit for Code Injection in Atlassian Confluence_Data_Center

-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server This...

8.8CVSS9AI score0.88267EPSS
Exploits9
Tenable Nessus
Tenable Nessus
added 2024/05/24 12:0 a.m.56 views

Atlassian Confluence 5.2 < 7.19.22 / 7.20.x < 8.5.9 / 8.6.x < 8.9.1 RCE (CONFSERVER-95832)

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-95832 advisory. - This High severity RCE Remote Code Execution vulnerability was introduced in version 5.2 of Confluence Data Center and Server. This RCE Remote Cod...

8.8CVSS8.2AI score0.88267EPSS
Exploits9References4
GithubExploit
GithubExploit
added 2024/05/23 9:5 a.m.691 views

Exploit for Code Injection in Atlassian Confluence_Data_Center

CVE-2024-21683-RCE Credit https://x.com/realalphaman...

8.8CVSS8.8AI score0.88267EPSS
Exploits9
Cvelist
Cvelist
added 2024/05/21 11:0 p.m.47 views

CVE-2024-21683

This High severity RCE Remote Code Execution vulnerability was introduced in version 5.2 of Confluence Data Center and Server. This RCE Remote Code Execution vulnerability, with a CVSS Score of 7.2, allows an authenticated attacker to execute arbitrary code which has high impact to confidentialit...

8.8CVSS8.8AI score0.88267EPSS
Exploits9References2
Rows per page
Query Builder