目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1000

100.0%
请我们喝杯咖啡
获取后续新漏洞提醒登录后订阅
一、 漏洞 CVE-2021-26084 基础信息
漏洞信息
对漏洞内容有疑问?看看神龙的深度分析是否有帮助!
查看神龙十问 ↗

尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。

Vulnerability Title
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Description
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are before version 6.13.23, from version 6.14.0 before 7.4.11, from version 7.5.0 before 7.11.6, and from version 7.12.0 before 7.12.5.
来源: 美国国家漏洞数据库 NVD
CVSS Information
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Type
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Title
Atlassian Confluence Server 注入漏洞
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Description
Atlassian Confluence Server是澳大利亚Atlassian公司的一套具有企业知识管理功能,并支持用于构建企业WiKi的协同软件的服务器版本。 Atlassian Confluence Server and Data Center 存在注入漏洞,经过身份验证的用户在Confluence 服务器或数据中心实例上执行任意代码。以下产品及版本收到影响:All 4.x.x versions、All 5.x.x versions、All 6.0.x versions、All 6.1.x ver
来源: 中国国家信息安全漏洞库 CNNVD
CVSS Information
N/A
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Type
N/A
来源: 中国国家信息安全漏洞库 CNNVD
受影响产品
厂商产品影响版本CPE订阅
AtlassianConfluence Server unspecified ~ 6.13.23 -
AtlassianConfluence Data Center unspecified ~ 6.13.23 -
二、漏洞 CVE-2021-26084 的公开POC
#POC 描述源链接神龙链接
1CVE-2021-26084 - Confluence Pre-Auth RCE | OGNL injection https://github.com/crowsec-edtech/CVE-2021-26084POC详情
2Nonehttps://github.com/alt3kx/CVE-2021-26084_PoCPOC详情
3Nonehttps://github.com/dinhbaouit/CVE-2021-26084POC详情
4CVE-2021-26084 Remote Code Execution on Confluence Servers, reference: https://github.com/httpvoid/writeups/blob/main/Confluence-RCE.mdhttps://github.com/JKme/CVE-2021-26084POC详情
5Confluence Server Webwork OGNL injectionhttps://github.com/h3v0x/CVE-2021-26084_ConfluencePOC详情
6Atlassian Confluence Pre-Auth RCEhttps://github.com/Udyz/CVE-2021-26084POC详情
7CVE-2021-26084 - Confluence Pre-Auth RCE OGNL injection 回显https://github.com/prettyrecon/CVE-2021-26084_ConfluencePOC详情
8CVE-2021-26084 Remote Code Execution on Confluence Servershttps://github.com/0xf4n9x/CVE-2021-26084POC详情
9Remote Code Execution on Confluence Servers : CVE-2021-26084https://github.com/Vulnmachines/Confluence_CVE-2021-26084POC详情
10CVE-2021-26084 Remote Code Execution on Confluence Servershttps://github.com/Osyanina/westone-CVE-2021-26084-scannerPOC详情
11批量检测https://github.com/b1gw00d/CVE-2021-26084POC详情
12CVE-2021-26084 - Confluence Server Webwork OGNL injection (Pre-Auth RCE)https://github.com/taythebot/CVE-2021-26084POC详情
13PoC of CVE-2021-26084 written in Golang based on https://twitter.com/jas502n/status/1433044110277890057?s=20https://github.com/bcdannyboy/CVE-2021-26084_GoPOCPOC详情
14Just run command without brainhttps://github.com/smallpiggy/cve-2021-26084-confluencePOC详情
15This is exploithttps://github.com/maskerTUI/CVE-2021-26084POC详情
16This nuclei template is to verify the vulnerability without executing any commands to the target machine https://github.com/BeRserKerSec/CVE-2021-26084-Nuclei-templatePOC详情
17CVE-2021-26084https://github.com/p0nymc1/CVE-2021-26084POC详情
18CVE-2021-26084 Confluence OGNL injectionhttps://github.com/Loneyers/CVE-2021-26084POC详情
19cve-2021-26084 EXPhttps://github.com/Xc1Ym/cve_2021_26084POC详情
20Setting up POC for CVE-2021-26084https://github.com/wolf1892/confluence-rce-pocPOC详情
21Confluence server webwork OGNL injectionhttps://github.com/smadi0x86/CVE-2021-26084POC详情
22asjhdsajdlksavksapfokahttps://github.com/kkin77/CVE-2021-26084-Confluence-OGNLPOC详情
23Atlassian Confluence CVE-2021-26084 one-liner mass checkerhttps://github.com/1ZRR4H/CVE-2021-26084POC详情
24A quick and dirty PoC of cve-2021-26084 as none of the existing ones worked for me.https://github.com/GlennPegden2/cve-2021-26084-confluencePOC详情
25Patched Confluence 7.12.2 (CVE-2021-26084)https://github.com/toowoxx/docker-confluence-patchedPOC详情
26CVE-2021-26084 patch as provided in "Confluence Security Advisory - 2021-08-25"https://github.com/nizar0x1f/CVE-2021-26084-patch-POC详情
27Confluence OGNL injectionhttps://github.com/dorkerdevil/CVE-2021-26084POC详情
28[CVE-2021-26084] Confluence pre-auth RCE test scripthttps://github.com/ludy-dev/CVE-2021-26084_PoCPOC详情
29Nonehttps://github.com/wdjcy/CVE-2021-26084POC详情
30CVE-2021-26084 - Confluence Server Webwork OGNL injection https://github.com/orangmuda/CVE-2021-26084POC详情
31Exploit CVE 2021 26084 Confluencehttps://github.com/TheclaMcentire/CVE-2021-26084_ConfluencePOC详情
32confluence远程代码执行RCE / Code By:Jun_shenghttps://github.com/Jun-5heng/CVE-2021-26084POC详情
33CVE-2021-26084,Atlassian Confluence OGNL注入漏洞https://github.com/lleavesl/CVE-2021-26084POC详情
34Python 3 script to identify CVE-2021-26084 via network requests.https://github.com/quesodipesto/conflucheckPOC详情
35OGNL Injection in Confluence server version < 7.12.5https://github.com/30579096/Confluence-CVE-2021-26084POC详情
36POC of CVE-2021-26084, which is Atlassian Confluence Server OGNL(Object-Graph Navigation Language) Pre-Auth RCE Injection Vulneralibity.https://github.com/antx-code/CVE-2021-26084POC详情
37Nonehttps://github.com/vpxuser/CVE-2021-26084-EXPPOC详情
38Confluence Server Webwork OGNL injectionhttps://github.com/hev0x/CVE-2021-26084_ConfluencePOC详情
39Python3 RCE PoC for CVE-2021-26084https://github.com/Marshall-Hallenbeck/CVE-2021-26084_Confluence_RCEPOC详情
40Nonehttps://github.com/nahcusira/CVE-2021-26084POC详情
41Atlassian Confluence Pre-Auth RCEhttps://github.com/CrackerCat/CVE-2021-26084POC详情
42POC of CVE-2021-26084, which is Atlassian Confluence Server OGNL(Object-Graph Navigation Language) Pre-Auth RCE Injection Vulneralibity.https://github.com/ZZ-SOCMAP/CVE-2021-26084POC详情
43Confluence OGNL injectionhttps://github.com/attacker-codeninja/CVE-2021-26084POC详情
44Confluence Server and Data Center contain an OGNL injection vulnerability that could allow an authenticated user, and in some instances an unauthenticated user, to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are before version 6.13.23, from version 6.14.0 before 7.4.11, from version 7.5.0 before 7.11.6, and from version 7.12.0 before 7.12.5. The vulnerable endpoints can be accessed by a non-administrator user or unauthenticated user if 'Allow people to sign up to create their account' is enabled. To check whether this is enabled go to COG > User Management > User Signup Options.https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2021/CVE-2021-26084.yamlPOC详情
45Nonehttps://github.com/Threekiii/Awesome-POC/blob/master/Web%E5%BA%94%E7%94%A8%E6%BC%8F%E6%B4%9E/Atlassian%20Confluence%20doenterpagevariables.action%20%E8%BF%9C%E7%A8%8B%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E%20CVE-2021-26084.mdPOC详情
46Nonehttps://github.com/Threekiii/Awesome-POC/blob/master/Web%E5%BA%94%E7%94%A8%E6%BC%8F%E6%B4%9E/Atlassian%20Confluence%20OGNL%E8%A1%A8%E8%BE%BE%E5%BC%8F%E6%B3%A8%E5%85%A5%E4%BB%A3%E7%A0%81%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E%20CVE-2021-26084.mdPOC详情
47https://github.com/vulhub/vulhub/blob/master/confluence/CVE-2021-26084/README.mdPOC详情
AI 生成 POC高级

未找到公开 POC。

登录以生成 AI POC
三、漏洞 CVE-2021-26084 的情报信息
Please 登录 to view more intelligence information
IV. Related Vulnerabilities
Same product: Confluence Server
Same vendor: Atlassian
V. Comments for CVE-2021-26084

暂无评论

发表评论