CVE-2022-36804 PoC — Atlassian Bitbucket Server 安全漏洞

Source

Associated Vulnerability

Description

A critical vulnerability (CVE-2022-36804) in Atlassian Bitbucket Server and Data Center could be exploited by unauthorized attackers to execute malicious code on vulnerable instances. 

Readme

# CVE-2022-36804-POC
A critical vulnerability (CVE-2022-36804) in Atlassian Bitbucket Server and Data Center could be exploited by unauthorized attackers to execute malicious code on vulnerable instances.


# affected versions
All versions of Bitbucket Server and Data Center released before versions 7.6.17, 7.17.10, 7.21.4, 8.0.3, 8.1.2, 8.2.2, and 8.3.1 are vulnerable


# POC:
![POC](/poc.jpg)


# the poc is written in python with multi functionality(multi threading, list of ips, light weight, interactive shell...)
this upload comes with list of servers(mostly vulnerable)


# as of writting this there isnt any public poc for this vulnerability

# use at your own risk there is no way to avoid abuse: https://satoshidisk.com/pay/CGMSap


[![Hits](https://hits.seeyoufarm.com/api/count/incr/badge.svg?url=https%3A%2F%2Fgithub.com%2FCEOrbey%2FCVE-2022-36804-POC&count_bg=%2379C83D&title_bg=%23555555&icon=&icon_color=%23E7E7E7&title=RCE&edge_flat=false)](https://hits.seeyoufarm.com)

File Snapshot

 [4.0K]  /data/pocs/a2f58d5fe189f3ab2281dad12d6a87927de7b38b
├── [ 162]  CVE-2022-36804-mass.py
├── [214K]  poc.jpg
└── [ 990]  README.md

0 directories, 3 files

Remarks