CVE-2022-26134

NVD Published Date: June 03, 2022 at 10:15 PM
NVD Last Modified: June 28, 2024 at 02:22 PM
Download Patch
Vulnerability ID
CVE-2022-26134
Severity
CRITICAL
Severity Score
9.8
Summary
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1.
Exploits

https://www.exploit-db.com/exploits/50952

https://github.com/W01fh4cker/Serein

https://github.com/BeichenDream/CVE-2022-26134-Godzilla-MEMSHELL

https://github.com/jbaines-r7/through_the_wire

https://github.com/hev0x/CVE-2022-26134

https://github.com/crowsec-edtech/CVE-2022-26134

https://github.com/SNCKER/CVE-2022-26134

https://github.com/nxtexploit/CVE-2022-26134

https://github.com/SIFalcon/confluencePot

https://github.com/AmoloHT/CVE-2022-26134

https://github.com/iveresk/cve-2022-26134

https://github.com/redhuntlabs/ConfluentPwn

https://github.com/whokilleddb/CVE-2022-26134-Confluence-RCE

https://github.com/abhishekmorla/CVE-2022-26134

https://github.com/offlinehoster/CVE-2022-26134

https://github.com/MaskCyberSecurityTeam/CVE-2022-26134_Behinder_MemShell

https://github.com/keven1z/CVE-2022-26134

https://github.com/Y000o/Confluence-CVE-2022-26134

https://github.com/kyxiaxiang/CVE-2022-26134

https://github.com/Vulnmachines/Confluence-CVE-2022-26134

https://github.com/li8u99/CVE-2022-26134

https://github.com/alcaparra/CVE-2022-26134

https://github.com/cai-niao98/CVE-2022-26134

https://github.com/skhalsa-sigsci/CVE-2022-26134-LAB

https://github.com/Chocapikk/CVE-2022-26134

https://github.com/KeepWannabe/BotCon

https://github.com/CatAnnaDev/CVE-2022-26134

https://github.com/archanchoudhury/Confluence-CVE-2022-26134

https://github.com/kh4sh3i/CVE-2022-26134

https://github.com/cbk914/CVE-2022-26134_check

https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html

https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html

https://github.com/offlinehoster/CVE-2022-26134

https://github.com/jbaines-r7/through_the_wire

https://github.com/Nwqda/CVE-2022-26134

https://github.com/crowsec-edtech/CVE-2022-26134

https://github.com/SNCKER/CVE-2022-26134

https://github.com/W01fh4cker/Serein

https://github.com/BeichenDream/CVE-2022-26134-Godzilla-MEMSHELL

https://github.com/li8u99/CVE-2022-26134

https://github.com/PsykoDev/CVE-2022-26134

https://github.com/Y000o/Confluence-CVE-2022-26134

https://github.com/redhuntlabs/ConfluentPwn

https://github.com/h3v0x/CVE-2022-26134

https://github.com/SIFalcon/confluencePot

http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html

http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html

https://github.com/AmoloHT/CVE-2022-26134

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/atlassian_confluence_namespace_ognl_injection.rb

https://github.com/cai-niao98/CVE-2022-26134

https://github.com/whokilleddb/CVE-2022-26134-Confluence-RCE

https://github.com/Chocapikk/CVE-2022-26134

https://github.com/Vulnmachines/Confluence-CVE-2022-26134

https://github.com/nxtexploit/CVE-2022-26134

https://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html

https://github.com/archanchoudhury/Confluence-CVE-2022-26134

https://github.com/iveresk/cve-2022-26134

https://www.cisa.gov/known-exploited-vulnerabilities-catalog

https://github.com/keven1z/CVE-2022-26134

https://github.com/p4b3l1t0/confusploit

https://github.com/kyxiaxiang/CVE-2022-26134

https://github.com/PyterSmithDarkGhost/0DAYEXPLOITAtlassianConfluenceCVE-2022-26134

https://github.com/coskper-papa/CVE-2022-26134

https://github.com/trhacknon/CVE-2022-26134-miam

https://github.com/cbk914/CVE-2022-26134_check

https://github.com/MaskCyberSecurityTeam/CVE-2022-26134_Behinder_MemShell

https://github.com/kh4sh3i/CVE-2022-26134

https://github.com/alcaparra/CVE-2022-26134

https://github.com/skhalsa-sigsci/CVE-2022-26134-LAB

https://github.com/abhishekmorla/CVE-2022-26134

https://github.com/hev0x/CVE-2022-26134

https://github.com/KeepWannabe/BotCon

https://github.com/CatAnnaDev/CVE-2022-26134

Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE ID
CWE-917

Recent Publish

CVE-2022-26352

CVE-2022-35405

CVE-2024-38207

CVE-2024-7568

CVE-2023-0926

CVE-2023-6987

See SecOps Solution
in action

Schedule Demo