CVE-2022-26133 PoC — Atlassian Bitbucket Data Center 代码问题漏洞

Source

Associated Vulnerability

Description

CVE-2022-26133 Exploit 

Readme

# CVE-2022-26133
<img src="https://github.com/0xAbbarhSF/CVE-2022-26133/blob/main/download.jpeg">

## Information

#### Description	
SharedSecretClusterAuthenticator in Atlassian Bitbucket Data Center versions 5.14.0 and later before 7.6.14, 7.7.0 and later prior to 7.17.6, 7.18.0 and later prior to 7.18.4, 7.19.0 and later prior to 7.19.4, and 7.20.0 allow a remote, unauthenticated attacker to execute arbitrary code via Java deserialization.

#### State ->	PUBLIC
#### Problem Type ->Deserialization of untrusted data


# Installation & Run
* git clone https://github.com/0xAbbarhSF/CVE-2022-26133
* cd CVE-2022-26133
* chmod +x *
* pip2 install parse
* python2 exploit.py

# Contact: - 🕊️ Twitter: [@0xAbbarhSF](https://twitter.com/0xAbbarhSF)
[![Tweet](https://img.shields.io/twitter/url/http/0xAbbarhSF.svg?style=social)](https://twitter.com/intent/tweet?original_referer=https%3A%2F%2Fdeveloper.twitter.com%2Fen%2Fdocs%2Ftwitter-for-websites%2Ftweet-button%2Foverview&ref_src=twsrc%5Etfw&text=CMS-Xploiter%20-%20Automated%20Pentest%20Recon%20Scanner%20%400xAbbarhSD&tw_p=tweetbutton&url=https%3A%2F%2Fgithub.com%2F0xAbbarhSF%)

File Snapshot

 [4.0K]  /data/pocs/26d55b0a0b95baa4dabc7c29adfc5c0c0a5b0ecf
├── [8.2K]  download.jpeg
├── [ 11K]  exploit.py
└── [1.1K]  README.md

0 directories, 3 files

Remarks