NOMISEC-Chocapikk/CVE-2022-26134

NOMISEC WORKING POC
Exploit for CVE-2022-26134 - Confluence - Remote Code Execution
AI Analysis

This repository contains a functional exploit for CVE-2022-26134, a pre-authentication remote code execution vulnerability in Atlassian Confluence via OGNL injection. The exploit supports both direct command execution and reverse shell payloads, with options for interactive shell sessions.

Attack Type
RCE
Complexity
moderate
Reliability
reliable
MITRE ATT&CK
T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter
Loading exploit code...
Download ZIP Password: eip
Source
Platform Nomisec
Type remote
Files 5
Stars 4
Forks 1
Last Push Oct 19, 2022
Authors
Valentin Lobstein Chocapikk
Vulnerability
CVE-2022-26134
Confluence - Remote Code Execution
CRITICAL KEV
CVSS 9.8