CVE-2022-26133
CRITICAL
Atlassian Bitbucket Data Center <7.17.6 - Code Injection
Title source: llm
Exploitation Summary
EIP tracks 5 public exploits for CVE-2022-26133. PoCs published by Pear1y, abbarhissarh, ar2o3.
AI-analyzed exploit summary: This is a Python-based exploit for CVE-2022-26133, a deserialization vulnerability in Atlassian Bitbucket Data Center. The PoC generates a malicious payload to achieve remote code execution (RCE) via a reverse shell.
Description
SharedSecretClusterAuthenticator in Atlassian Bitbucket Data Center versions 5.14.0 and later before 7.6.14, 7.7.0 and later prior to 7.17.6, 7.18.0 and later prior to 7.18.4, 7.19.0 and later prior to 7.19.4, and 7.20.0 allows a remote, unauthenticated attacker to execute arbitrary code via Java deserialization.
Exploits (5)
This is a Python-based exploit for CVE-2022-26133, a deserialization vulnerability in Atlassian Bitbucket Data Center. The PoC generates a malicious payload to achieve remote code execution (RCE) via a reverse shell.
This repository contains a functional exploit for CVE-2022-26133, a Java deserialization vulnerability in Atlassian Bitbucket Data Center. The exploit generates a malicious payload to achieve remote code execution (RCE) via crafted network requests.
This repository contains a Python-based exploit for CVE-2022-26133, a deserialization vulnerability in Atlassian Bitbucket Data Center. The exploit generates a malicious payload to achieve remote code execution (RCE) via Java deserialization.
This repository contains a functional exploit for CVE-2022-26133, a Java deserialization vulnerability in Atlassian Bitbucket Data Center. The exploit generates a malicious payload to achieve remote code execution (RCE) via deserialization.
This repository contains a functional exploit for CVE-2022-26133, a Java deserialization vulnerability in Atlassian Bitbucket Data Center. The exploit generates a malicious payload to achieve remote code execution (RCE) via deserialization.
References (2)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H