漏洞信息(CVE-2022-26134)

一、漏洞 CVE-2022-26134 基础信息

漏洞信息

                                        # N/A

## 概述
在受漏洞影响的Confluence Server和Data Center版本中，存在一个OGNL注入漏洞，该漏洞允许未认证的攻击者在Confluence Server或Data Center实例上执行任意代码。

## 影响版本
- 1.3.0 到 7.4.17（不包括7.4.17）
- 7.13.0 到 7.13.7（不包括7.13.7）
- 7.14.0 到 7.14.3（不包括7.14.3）
- 7.15.0 到 7.15.2（不包括7.15.2）
- 7.16.0 到 7.16.4（不包括7.16.4）
- 7.17.0 到 7.17.4（不包括7.17.4）
- 7.18.0 到 7.18.1（不包括7.18.1）

## 细节
此漏洞源于OGNL注入，允许攻击者在未经身份验证的情况下执行任意代码。这可能对服务器或数据环境造成严重威胁，包括数据泄露或服务器被完全控制。

## 影响
该漏洞使未认证的攻击者能够执行任意代码，可能导致服务器受损、数据泄露或服务器完全被控制。

提示

尽管我们采用了先进的大模型技术，但其输出仍可能包含不准确或过时的信息。
神龙会尽力确保数据准确，但也请结合实际情况进行甄别与判断。
神龙祝您一切顺利！

漏洞标题

N/A

来源：美国国家漏洞数据库 NVD

漏洞描述信息

In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1.

来源：美国国家漏洞数据库 NVD

CVSS信息

N/A

来源：美国国家漏洞数据库 NVD

漏洞类别

N/A

来源：美国国家漏洞数据库 NVD

漏洞标题

Atlassian Confluence Server 注入漏洞

来源：中国国家信息安全漏洞库 CNNVD

漏洞描述信息

Atlassian Confluence Server是澳大利亚Atlassian公司的一套具有企业知识管理功能，并支持用于构建企业WiKi的协同软件的服务器版本。 Atlassian Confluence Server 和 Data Center 存在注入漏洞。攻击者利用该漏洞执行任意代码。以下产品及版本受到影响：1.3.0版本至7.4.17之前版本、7.13.0版本至7.13.7之前版本、7.14.0版本至7.14.3之前版本、7.15.0版本至 7.15.2之前版本、7.16.0版本至7.16.4之

来源：中国国家信息安全漏洞库 CNNVD

CVSS信息

N/A

来源：中国国家信息安全漏洞库 CNNVD

漏洞类别

注入

来源：中国国家信息安全漏洞库 CNNVD

二、漏洞 CVE-2022-26134 的公开POC

#	POC 描述	源链接	神龙链接
1	【懒人神器】一款图形化、批量采集url、批量对采集的url进行各种nday检测的工具。可用于src挖掘、cnvd挖掘、0day利用、打造自己的武器库等场景。可以批量利用Actively Exploited Atlassian Confluence 0Day CVE-2022-26134和DedeCMS v5.7.87 SQL注入 CVE-2022-23337。	https://github.com/W01fh4cker/Serein	POC详情
2	Information and scripts for the confluence CVE-2022-26134	https://github.com/offlinehoster/CVE-2022-26134	POC详情
3	0-DAY: Unauthenticated Remote Code Execution in Atlassian Confluence (CVE-2022-26134).	https://github.com/CyberDonkyx0/CVE-2022-26134	POC详情
4	This repository contains Yara rule and the method that a security investigator may want to use for CVE-2022-26134 threat hunting on their Linux confluence servers.	https://github.com/th3b3ginn3r/CVE-2022-26134-Exploit-Detection	POC详情
5	CVE-2022-26134 Proof of Concept	https://github.com/jbaines-r7/through_the_wire	POC详情
6	CVE-2022-26134 - Confluence Pre-Auth RCE \| OGNL injection	https://github.com/crowsec-edtech/CVE-2022-26134	POC详情
7	None	https://github.com/kyxiaxiang/CVE-2022-26134	POC详情
8	（CVE-2022-26134）an unauthenticated and remote OGNL injection vulnerability resulting in code execution in the context of the Confluence server	https://github.com/Brucetg/CVE-2022-26134	POC详情
9	Confluence Server and Data Center - CVE-2022-26134 - Critical severity unauthenticated remote code execution vulnerability PoC	https://github.com/shamo0/CVE-2022-26134	POC详情
10	[CVE-2022-26134]Confluence OGNL expression injected RCE with sandbox bypass.	https://github.com/SNCKER/CVE-2022-26134	POC详情
11	None	https://github.com/Sakura-nee/CVE-2022-26134	POC详情
12	None	https://github.com/Vulnmachines/Confluence-CVE-2022-26134	POC详情
13	Atlassian confluence poc	https://github.com/axingde/CVE-2022-26134	POC详情
14	CVE-2022-26134	https://github.com/1rm/Confluence-CVE-2022-26134	POC详情
15	None	https://github.com/0xAgun/CVE-2022-26134	POC详情
16	None	https://github.com/abhishekmorla/CVE-2022-26134	POC详情
17	Confluence Pre-Auth Remote Code Execution via OGNL Injection (CVE-2022-26134)	https://github.com/h3v0x/CVE-2022-26134	POC详情
18	This repository talks about Zero-Day Exploitation of Atlassian Confluence, it's defense and analysis point of view from a SecOps or Blue Team perspective	https://github.com/archanchoudhury/Confluence-CVE-2022-26134	POC详情
19	Simple Honeypot for Atlassian Confluence (CVE-2022-26134)	https://github.com/SIFalcon/confluencePot	POC详情
20	None	https://github.com/PsykoDev/CVE-2022-26134	POC详情
21	None	https://github.com/vesperp/CVE-2022-26134-Confluence	POC详情
22	Atlassian Confluence 远程代码执行漏洞（CVE-2022-26134）	https://github.com/li8u99/CVE-2022-26134	POC详情
23	Implementation of CVE-2022-26134	https://github.com/reubensammut/cve-2022-26134	POC详情
24	None	https://github.com/BeichenDream/CVE-2022-26134-Godzilla-MEMSHELL	POC详情
25	CVE-2022-26134 Confluence OGNL Injection POC	https://github.com/alcaparra/CVE-2022-26134	POC详情
26	Exploit for CVE-2022-26134: Confluence Pre-Auth Remote Code Execution via OGNL Injection	https://github.com/whokilleddb/CVE-2022-26134-Confluence-RCE	POC详情
27	Atlassian Confluence- Unauthenticated OGNL injection vulnerability (RCE)	https://github.com/Habib0x0/CVE-2022-26134	POC详情
28	None	https://github.com/Y000o/Confluence-CVE-2022-26134	POC详情
29	Atlassian confluence unauthenticated ONGL injection remote code execution scanner (CVE-2022-26134).	https://github.com/redhuntlabs/ConfluentPwn	POC详情
30	CVE-2022-26134	https://github.com/cai-niao98/CVE-2022-26134	POC详情
31	CVE-2022-26134, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. This is CVE-2022-26134 expoitation script	https://github.com/sunny-kathuria/exploit_CVE-2022-26134	POC详情
32	[CVE-2022-26134] Attlasian Confluence RCE	https://github.com/KeepWannabe/BotCon	POC详情
33	CVE-2022-26134 - Pre-Auth Remote Code Execution via OGNL Injection	https://github.com/Chocapikk/CVE-2022-26134	POC详情
34	「💥」CVE-2022-26134 - Confluence Pre-Auth RCE	https://github.com/AmoloHT/CVE-2022-26134	POC详情
35	[PoC] Atlassian Confluence (CVE-2022-26134) - Unauthenticated OGNL injection vulnerability (RCE)	https://github.com/kh4sh3i/CVE-2022-26134	POC详情
36	Atlassian Confluence OGNL Injection Remote Code Execution (RCE) Vulnerability (CVE-2022-26134)	https://github.com/ColdFusionX/CVE-2022-26134	POC详情
37	PoC for exploiting CVE-2022-26134 on Confluence	https://github.com/Luchoane/CVE-2022-26134_conFLU	POC详情
38	Atlassian, CVE-2022-26134 An interactive lab showcasing the Confluence Server and Data Center un-authenticated RCE vulnerability.	https://github.com/r1skkam/TryHackMe-Atlassian-CVE-2022-26134	POC详情
39	Atlassian Confluence (CVE-2022-26134) - Unauthenticated Remote code execution (RCE)	https://github.com/nxtexploit/CVE-2022-26134	POC详情
40	Atlassian Confluence (CVE-2022-26134) - Unauthenticated OGNL injection vulnerability (RCE).	https://github.com/Debajyoti0-0/CVE-2022-26134	POC详情
41	None	https://github.com/f4yd4-s3c/cve-2022-26134	POC详情
42	confluence rce	https://github.com/coskper-papa/CVE-2022-26134	POC详情
43	This is a python script that can be used with Shodan CLI to mass hunting Confluence Servers vulnerable to CVE-2022-26134	https://github.com/p4b3l1t0/confusploit	POC详情
44	CVE-2022-26134-PoC	https://github.com/twoning/CVE-2022-26134-PoC	POC详情
45	Just simple PoC for the Atlassian Jira exploit. Provides code execution for unauthorised user on a server.	https://github.com/iveresk/cve-2022-26134	POC详情
46	远程攻击者在Confluence未经身份验证的情况下，可构造OGNL表达式进行注入，实现在Confluence Server或Data Center上执行任意代码,在现有脚本上修改了poc，方便getshell。	https://github.com/keven1z/CVE-2022-26134	POC详情
47	CVE-2022-26134-Console	https://github.com/shiftsansan/CVE-2022-26134-Console	POC详情
48	CVE-2022-26134 web payload	https://github.com/1337in/CVE-2022-26134web	POC详情
49	Detecting CVE-2022-26134 using Nuclei	https://github.com/skhalsa-sigsci/CVE-2022-26134-LAB	POC详情
50	None	https://github.com/yigexioabai/CVE-2022-26134-cve1	POC详情
51	在受影响的Confluence Server 和Data Center 版本中，存在一个OGNL 注入漏洞，该漏洞允许未经身份验证的攻击者在Confluence Server 或Data Center 服务器上执行任意代码。	https://github.com/kailing0220/CVE-2022-26134	POC详情
52	批量检测CVE-2022-26134 RCE漏洞	https://github.com/xanszZZ/ATLASSIAN-Confluence_rce	POC详情
53	Confluence Server and Data Center存在一个远程代码执行漏洞，未经身份验证的攻击者可以利用该漏洞向目标服务器注入恶意ONGL表达式，进而在目标服务器上执行任意代码。	https://github.com/kelemaoya/CVE-2022-26134	POC详情
54	cve-2022-26134	https://github.com/CJ-0107/cve-2022-26134	POC详情
55	CVE-2022-26134	https://github.com/latings/CVE-2022-26134	POC详情
56	CVE-2022-26134poc	https://github.com/yyqxi/CVE-2022-26134	POC详情
57	None	https://github.com/b4dboy17/CVE-2022-26134	POC详情
58	CVE-2022-26134 GO POC 练习	https://github.com/wjlin0/CVE-2022-26134	POC详情
59	None	https://github.com/cbk914/CVE-2022-26134_check	POC详情
60	None	https://github.com/MaskCyberSecurityTeam/CVE-2022-26134_Behinder_MemShell	POC详情
61	Confluence Pre-Auth Remote Code Execution via OGNL Injection (CVE-2022-26134)	https://github.com/Muhammad-Ali007/Atlassian_CVE-2022-26134	POC详情
62	A PoC for CVE-2022-26134 for Educational Purposes and Security Research	https://github.com/acfirthh/CVE-2022-26134	POC详情
63	None	https://github.com/yTxZx/CVE-2022-26134	POC详情
64	Confluence Pre-Auth Remote Code Execution via OGNL Injection (CVE-2022-26134)	https://github.com/hev0x/CVE-2022-26134	POC详情
65	None	https://github.com/DARKSTUFF-LAB/-CVE-2022-26134	POC详情
66	None	https://github.com/CatAnnaDev/CVE-2022-26134	POC详情
67	None	https://github.com/404fu/CVE-2022-26134-POC	POC详情
68	confluence rce (CVE-2021-26084, CVE-2022-26134, CVE-2023-22527)	https://github.com/BBD-YZZ/Confluence-RCE	POC详情
69	CVE-2022-26134 exploit script	https://github.com/cc3305/CVE-2022-26134	POC详情
70	This repository contains Yara rule and the method that a security investigator may want to use for CVE-2022-26134 threat hunting on their Linux confluence servers.	https://github.com/ma1am/CVE-2022-26134-Exploit-Detection	POC详情
71	None	https://github.com/xsxtw/CVE-2022-26134	POC详情
72	None	https://github.com/Agentgilspy/CVE-2022-26134	POC详情
73	None	https://github.com/XiaomingX/CVE-2022-26134-poc	POC详情
74	None	https://github.com/XiaomingX/cve-2022-26134-poc	POC详情
75	Active Exploitation of Atlassian’s Questions for Confluence App CVE-2022-26134	https://github.com/Khalidhaimur/CVE-2022-26134	POC详情
76	cve-2022-26134 atlassia Confluence Data Center2016 server OGNL %[...}	https://github.com/mr-won/cve-2022-26134	POC详情
77	Confluence Server and Data Center is susceptible to an unauthenticated remote code execution vulnerability.	https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2022/CVE-2022-26134.yaml	POC详情
78	None	https://github.com/Threekiii/Awesome-POC/blob/master/Web%E5%BA%94%E7%94%A8%E6%BC%8F%E6%B4%9E/Atlassian%20Confluence%20OGNL%E8%A1%A8%E8%BE%BE%E5%BC%8F%E6%B3%A8%E5%85%A5%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E%20CVE-2022-26134.md	POC详情
79		https://github.com/vulhub/vulhub/blob/master/confluence/CVE-2022-26134/README.md	POC详情
80	cve-2022-26134 atlassia Confluence Data Center2016 server OGNL %[...}	https://github.com/user20252228/cve-2022-26134	POC详情
81	None	https://github.com/Gilospy/CVE-2022-26134	POC详情
82	cve-2022-26134 atlassia Confluence Data Center2016 server OGNL %[...}	https://github.com/tpdlshdmlrkfmcla/cve-2022-26134	POC详情
83	Atlassian's Confluence Server and Data Center editions (Vulnerable Version > 7.18.1)	https://github.com/thetowsif/CVE-2022-26134	POC详情
84	CVE-2022-26134 - Confluence Pre-Auth Remote Code Execution [RCE]	https://github.com/Yuri08loveElaina/CVE-2022-26134	POC详情
85	None	https://github.com/MAHABUB122003/Atlassian-CVE-2022-26134	POC详情

三、漏洞 CVE-2022-26134 的情报信息

https://jira.atlassian.com/browse/CONFSERVER-79016 x_refsource_MISC
http://packetstormsecurity.com/files/167432/Confluence-OGNL-Injection-Proof-Of-Concept.html x_refsource_MISC
http://packetstormsecurity.com/files/167430/Confluence-OGNL-Injection-Remote-Code-Execution.html x_refsource_MISC
http://packetstormsecurity.com/files/167431/Through-The-Wire-CVE-2022-26134-Confluence-Proof-Of-Concept.html x_refsource_MISC
http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html x_refsource_MISC
https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html x_refsource_MISC
https://nvd.nist.gov/vuln/detail/CVE-2022-26134

四、漏洞 CVE-2022-26134 的评论

暂无评论

一、 漏洞 CVE-2022-26134 基础信息

漏洞信息

提示

漏洞标题

漏洞描述信息

CVSS信息

漏洞类别

漏洞标题

漏洞描述信息

CVSS信息

漏洞类别

二、漏洞 CVE-2022-26134 的公开POC

三、漏洞 CVE-2022-26134 的情报信息

四、漏洞 CVE-2022-26134 的评论

发表评论

一、漏洞 CVE-2022-26134 基础信息