# N/A
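## Overview
In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that allows an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance.
## Affected Versions
- 1.3.0 to 7.4.17 (not including 7.4.17)
- 7.13.0 to 7.13.7 (not including 7.13.7)
- 7.14.0 to 7.14.3 (not including 7.14.3)
- 7.15.0 to 7.15.2 (not including 7.15.2)
- 7.16.0 to 7.16.4 (not including 7.16.4)
- 7.17.0 to 7.17.4 (not including 7.17.4)
- 7.18.0 to 7.18.1 (not including 7.18.1)
## Details
This vulnerability stems from OGNL injection and allows an attacker to execute arbitrary code without authentication. It can pose a serious threat to the server or data environment, including data disclosure or complete takeover of the server.
## Impact
The vulnerability enables an unauthenticated attacker to execute arbitrary code, which can lead to server compromise, data disclosure, or complete takeover of the server.
Web vulnerability: Yes
Rationale: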
| # | PoC description | Source link | Shenlong link |
|---|---|---|---|
| 1 | [Lazy person's tool] A graphical tool that collects URLs in bulk and runs various n-day checks against the collected URLs in bulk. Usable for SRC hunting, CNVD hunting, 0-day exploitation, building your own arsenal, and similar scenarios. Can exploit in bulk the Actively Exploited Atlassian Confluence 0Day CVE-2022-26134 and the DedeCMS v5.7.87 SQL injection CVE-2022-23337. | https://github.com/W01fh4cker/Serein | PoC details |
| 2 | Information and scripts for the confluence CVE-2022-26134 | https://github.com/offlinehoster/CVE-2022-26134 | PoC details |
| 3 | 0-DAY: Unauthenticated Remote Code Execution in Atlassian Confluence (CVE-2022-26134). | https://github.com/CyberDonkyx0/CVE-2022-26134 | PoC details |
| 4 | This repository contains Yara rule and the method that a security investigator may want to use for CVE-2022-26134 threat hunting on their Linux confluence servers. | https://github.com/th3b3ginn3r/CVE-2022-26134-Exploit-Detection | PoC details |
| 5 | CVE-2022-26134 Proof of Concept | https://github.com/jbaines-r7/through_the_wire | PoC details |
| 6 | CVE-2022-26134 - Confluence Pre-Auth RCE \| OGNL injection | https://github.com/crowsec-edtech/CVE-2022-26134 | PoC details |
| 7 | None | https://github.com/kyxiaxiang/CVE-2022-26134 | PoC details |
| 8 | (CVE-2022-26134) an unauthenticated and remote OGNL injection vulnerability resulting in code execution in the context of the Confluence server | https://github.com/Brucetg/CVE-2022-26134 | PoC details |
| 9 | Confluence Server and Data Center - CVE-2022-26134 - Critical severity unauthenticated remote code execution vulnerability PoC | https://github.com/shamo0/CVE-2022-26134 | PoC details |
| 10 | [CVE-2022-26134] Confluence OGNL expression injected RCE with sandbox bypass. | https://github.com/SNCKER/CVE-2022-26134 | PoC details |
| 11 | None | https://github.com/Sakura-nee/CVE-2022-26134 | PoC details |
| 12 | None | https://github.com/Vulnmachines/Confluence-CVE-2022-26134 | PoC details |
| 13 | Atlassian confluence poc | https://github.com/axingde/CVE-2022-26134 | PoC details |
| 14 | CVE-2022-26134 | https://github.com/1rm/Confluence-CVE-2022-26134 | PoC details |
| 15 | None | https://github.com/0xAgun/CVE-2022-26134 | PoC details |
| 16 | None | https://github.com/abhishekmorla/CVE-2022-26134 | PoC details |
| 17 | Confluence Pre-Auth Remote Code Execution via OGNL Injection (CVE-2022-26134) | https://github.com/h3v0x/CVE-2022-26134 | PoC details |
| 18 | This repository talks about Zero-Day Exploitation of Atlassian Confluence, its defense and analysis point of view from a SecOps or Blue Team perspective | https://github.com/archanchoudhury/Confluence-CVE-2022-26134 | PoC details |
| 19 | Simple Honeypot for Atlassian Confluence (CVE-2022-26134) | https://github.com/SIFalcon/confluencePot | PoC details |
| 20 | None | https://github.com/PsykoDev/CVE-2022-26134 | PoC details |
| 21 | None | https://github.com/vesperp/CVE-2022-26134-Confluence | PoC details |
| 22 | Atlassian Confluence remote code execution vulnerability (CVE-2022-26134) | https://github.com/li8u99/CVE-2022-26134 | PoC details |
| 23 | Implementation of CVE-2022-26134 | https://github.com/reubensammut/cve-2022-26134 | PoC details |
| 24 | None | https://github.com/BeichenDream/CVE-2022-26134-Godzilla-MEMSHELL | PoC details |
| 25 | CVE-2022-26134 Confluence OGNL Injection POC | https://github.com/alcaparra/CVE-2022-26134 | PoC details |
| 26 | Exploit for CVE-2022-26134: Confluence Pre-Auth Remote Code Execution via OGNL Injection | https://github.com/whokilleddb/CVE-2022-26134-Confluence-RCE | PoC details |
| 27 | Atlassian Confluence- Unauthenticated OGNL injection vulnerability (RCE) | https://github.com/Habib0x0/CVE-2022-26134 | PoC details |
| 28 | None | https://github.com/Y000o/Confluence-CVE-2022-26134 | PoC details |
| 29 | Atlassian confluence unauthenticated OGNL injection remote code execution scanner (CVE-2022-26134). | https://github.com/redhuntlabs/ConfluentPwn | PoC details |
| 30 | CVE-2022-26134 | https://github.com/cai-niao98/CVE-2022-26134 | PoC details |
| 31 | CVE-2022-26134, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. This is CVE-2022-26134 exploitation script | https://github.com/sunny-kathuria/exploit_CVE-2022-26134 | PoC details |
| 32 | [CVE-2022-26134] Atlassian Confluence RCE | https://github.com/KeepWannabe/BotCon | PoC details |
| 33 | CVE-2022-26134 - Pre-Auth Remote Code Execution via OGNL Injection | https://github.com/Chocapikk/CVE-2022-26134 | PoC details |
| 34 | 「💥」CVE-2022-26134 - Confluence Pre-Auth RCE | https://github.com/AmoloHT/CVE-2022-26134 | PoC details |
| 35 | [PoC] Atlassian Confluence (CVE-2022-26134) - Unauthenticated OGNL injection vulnerability (RCE) | https://github.com/kh4sh3i/CVE-2022-26134 | PoC details |
| 36 | Atlassian Confluence OGNL Injection Remote Code Execution (RCE) Vulnerability (CVE-2022-26134) | https://github.com/ColdFusionX/CVE-2022-26134 | PoC details |
| 37 | PoC for exploiting CVE-2022-26134 on Confluence | https://github.com/Luchoane/CVE-2022-26134_conFLU | PoC details |
| 38 | Atlassian, CVE-2022-26134 An interactive lab showcasing the Confluence Server and Data Center un-authenticated RCE vulnerability. | https://github.com/r1skkam/TryHackMe-Atlassian-CVE-2022-26134 | PoC details |
| 39 | Atlassian Confluence (CVE-2022-26134) - Unauthenticated Remote code execution (RCE) | https://github.com/nxtexploit/CVE-2022-26134 | PoC details |
| 40 | Atlassian Confluence (CVE-2022-26134) - Unauthenticated OGNL injection vulnerability (RCE). | https://github.com/Debajyoti0-0/CVE-2022-26134 | PoC details |
| 41 | None | https://github.com/f4yd4-s3c/cve-2022-26134 | PoC details |
| 42 | confluence rce | https://github.com/coskper-papa/CVE-2022-26134 | PoC details |
| 43 | This is a python script that can be used with Shodan CLI to mass hunting Confluence Servers vulnerable to CVE-2022-26134 | https://github.com/p4b3l1t0/confusploit | PoC details |
| 44 | CVE-2022-26134-PoC | https://github.com/twoning/CVE-2022-26134-PoC | PoC details |
| 45 | Just simple PoC for the Atlassian Jira exploit. Provides code execution for unauthorised user on a server. | https://github.com/iveresk/cve-2022-26134 | PoC details |
| 46 | A remote, unauthenticated attacker can craft an OGNL expression for injection to execute arbitrary code on Confluence Server or Data Center; the PoC was modified from an existing script to make getting a shell easier. | https://github.com/keven1z/CVE-2022-26134 | PoC details |
| 47 | CVE-2022-26134-Console | https://github.com/shiftsansan/CVE-2022-26134-Console | PoC details |
| 48 | CVE-2022-26134 web payload | https://github.com/1337in/CVE-2022-26134web | PoC details |
| 49 | Detecting CVE-2022-26134 using Nuclei | https://github.com/skhalsa-sigsci/CVE-2022-26134-LAB | PoC details |
| 50 | None | https://github.com/yigexioabai/CVE-2022-26134-cve1 | PoC details |
| 51 | In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that allows an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center server. | https://github.com/kailing0220/CVE-2022-26134 | PoC details |
| 52 | Batch detection of the CVE-2022-26134 RCE vulnerability | https://github.com/xanszZZ/ATLASSIAN-Confluence_rce | PoC details |
| 53 | Confluence Server and Data Center have a remote code execution vulnerability; an unauthenticated attacker can exploit it to inject a malicious OGNL expression into the target server and thereby execute arbitrary code on the target server. | https://github.com/kelemaoya/CVE-2022-26134 | PoC details |
| 54 | cve-2022-26134 | https://github.com/CJ-0107/cve-2022-26134 | PoC details |
| 55 | CVE-2022-26134 | https://github.com/latings/CVE-2022-26134 | PoC details |
| 56 | CVE-2022-26134poc | https://github.com/yyqxi/CVE-2022-26134 | PoC details |
| 57 | None | https://github.com/b4dboy17/CVE-2022-26134 | PoC details |
| 58 | CVE-2022-26134 Go PoC practice | https://github.com/wjlin0/CVE-2022-26134 | PoC details |
| 59 | None | https://github.com/cbk914/CVE-2022-26134_check | PoC details |
| 60 | None | https://github.com/MaskCyberSecurityTeam/CVE-2022-26134_Behinder_MemShell | PoC details |
| 61 | Confluence Pre-Auth Remote Code Execution via OGNL Injection (CVE-2022-26134) | https://github.com/Muhammad-Ali007/Atlassian_CVE-2022-26134 | PoC details |
| 62 | A PoC for CVE-2022-26134 for Educational Purposes and Security Research | https://github.com/acfirthh/CVE-2022-26134 | PoC details |
| 63 | None | https://github.com/yTxZx/CVE-2022-26134 | PoC details |
| 64 | Confluence Pre-Auth Remote Code Execution via OGNL Injection (CVE-2022-26134) | https://github.com/hev0x/CVE-2022-26134 | PoC details |
| 65 | None | https://github.com/DARKSTUFF-LAB/-CVE-2022-26134 | PoC details |
| 66 | None | https://github.com/CatAnnaDev/CVE-2022-26134 | PoC details |
| 67 | None | https://github.com/404fu/CVE-2022-26134-POC | PoC details |
| 68 | confluence rce (CVE-2021-26084, CVE-2022-26134, CVE-2023-22527) | https://github.com/BBD-YZZ/Confluence-RCE | PoC details |
| 69 | CVE-2022-26134 exploit script | https://github.com/cc3305/CVE-2022-26134 | PoC details |
| 70 | This repository contains Yara rule and the method that a security investigator may want to use for CVE-2022-26134 threat hunting on their Linux confluence servers. | https://github.com/ma1am/CVE-2022-26134-Exploit-Detection | PoC details |
| 71 | None | https://github.com/xsxtw/CVE-2022-26134 | PoC details |
| 72 | None | https://github.com/Agentgilspy/CVE-2022-26134 | PoC details |
| 73 | None | https://github.com/XiaomingX/CVE-2022-26134-poc | PoC details |
| 74 | None | https://github.com/XiaomingX/cve-2022-26134-poc | PoC details |
| 75 | Active Exploitation of Atlassian’s Questions for Confluence App CVE-2022-26134 | https://github.com/Khalidhaimur/CVE-2022-26134 | PoC details |
| 76 | cve-2022-26134 atlassia Confluence Data Center2016 server OGNL %[...} | https://github.com/mr-won/cve-2022-26134 | PoC details |
| 77 | Confluence Server and Data Center is susceptible to an unauthenticated remote code execution vulnerability. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2022/CVE-2022-26134.yaml | PoC details |
| 78 | None | https://github.com/Threekiii/Awesome-POC/blob/master/Web%E5%BA%94%E7%94%A8%E6%BC%8F%E6%B4%9E/Atlassian%20Confluence%20OGNL%E8%A1%A8%E8%BE%BE%E5%BC%8F%E6%B3%A8%E5%85%A5%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E%20CVE-2022-26134.md | PoC details |
| 79 | | https://github.com/vulhub/vulhub/blob/master/confluence/CVE-2022-26134/README.md | PoC details |
| 80 | cve-2022-26134 atlassia Confluence Data Center2016 server OGNL %[...} | https://github.com/user20252228/cve-2022-26134 | PoC details |
| 81 | None | https://github.com/Gilospy/CVE-2022-26134 | PoC details |
| 82 | cve-2022-26134 atlassia Confluence Data Center2016 server OGNL %[...} | https://github.com/tpdlshdmlrkfmcla/cve-2022-26134 | PoC details |
| 83 | Atlassian's Confluence Server and Data Center editions (Vulnerable Version > 7.18.1) | https://github.com/thetowsif/CVE-2022-26134 | PoC details |
| 84 | CVE-2022-26134 - Confluence Pre-Auth Remote Code Execution [RCE] | https://github.com/Yuri08loveElaina/CVE-2022-26134 | PoC details |
| 85 | None | https://github.com/MAHABUB122003/Atlassian-CVE-2022-26134 | PoC details |
| 86 | CVE-2022-26134 is a Go-based exploitation framework targeting a critical OGNL injection vulnerability in Atlassian Confluence Server/Data Center. | https://github.com/Hghost0x00/CVE-2022-26134-GO | PoC details |
| 87 | Atlassian Confluence RCE Exploitation Framework | https://github.com/Anon2Fear/CVE-2022-26134 | PoC details |
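Title: Packet Storm
Tag: x_refsource_MISC
Shenlong quick read:
### Key Information Security Information
#### Web Page Vulnerability Overview
* **Website**: Packet Storm Security
* **Last updated**: September 12, 2025
* **Governing law**: California state law
#### Key Information Covered
* **Terms of agreement**: The website's terms of use legally bind users in order to protect Packet Storm Security's property and content.
* **User registration**: Users must register to access certain services, and registration information must be true and valid.
* **Prohibited activities**: Prohibited activities include malicious behavior and accessing the website by automated means.
* **User-generated content**: Users may contribute content but must comply with the relevant terms.
* **Disclaimer**: Packet Storm Security is not liable for any direct or indirect damages.
* **Indemnification**: Users must indemnify against all third-party claims arising from their contributions to or use of the website.
#### Other Relevant Provisions
* **Advertisers**: Advertisements must comply with applicable laws and regulations and must not infringe third-party rights.
* **Premium services**: These include API access and similar services, and are subject to specific terms and conditions.
* **Privacy policy**: The website operates on the premise of protecting the user experience.
#### Notes
The screenshot mainly shows the Service Technical Terms and does not directly present specific information.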