10 matches found
Atlassian Confluence Administrator Code Macro Remote Code Execution Exploit
This Metasploit module exploits an authenticated administrator-level vulnerability in Atlassian Confluence, tracked as CVE-2024-21683. The vulnerability exists due to the Rhino script engine parser evaluating tainted data from uploaded text files. This facilitates arbitrary code execution. This...
Metasploit Weekly Wrap-Up 07/12/2024
The Usual Suspects This release features two new exploits targeting old friends: Confluence and Ivanti. CVE-2024-21683 is a very easy vulnerability to exploit, but as pointed out in the AttackerKB Review, it requires authentication as a ‘Confluence Administrator.’ On the other hand, CVE-2024-2982...
Atlassian Confluence Administrator Code Macro Remote Code Execution
This module exploits an authenticated administrator-level vulnerability in Atlassian Confluence, tracked as CVE-2024-21683. The vulnerability exists due to the Rhino script engine parser evaluating tainted data from uploaded text files. This facilitates arbitrary code execution. This exploit will...
Atlassian Confluence Administrator Code Macro Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Atlassian Confluence Administrator Code Macro Remote Code Execution', 'Description' = %q This module exploits an authenticated administrator-leve...
Exploit for Code Injection in Atlassian Confluence_Data_Center
CVE-2024-21683 21 мая 2024 года была зарегистрирована уязвимо...
Exploit for Code Injection in Atlassian Confluence_Data_Center
Usage python poc.py -u http://localhost:8090...
Exploit for Code Injection in Atlassian Confluence_Data_Center
-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server This...
Atlassian Confluence 5.2 < 7.19.22 / 7.20.x < 8.5.9 / 8.6.x < 8.9.1 RCE (CONFSERVER-95832)
The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-95832 advisory. - This High severity RCE Remote Code Execution vulnerability was introduced in version 5.2 of Confluence Data Center and Server. This RCE Remote Cod...
Exploit for Code Injection in Atlassian Confluence_Data_Center
CVE-2024-21683-RCE Credit https://x.com/realalphaman...
CVE-2024-21683
This High severity RCE Remote Code Execution vulnerability was introduced in version 5.2 of Confluence Data Center and Server. This RCE Remote Code Execution vulnerability, with a CVSS Score of 7.2, allows an authenticated attacker to execute arbitrary code which has high impact to confidentialit...