CVE-2022-43781

CRITICAL

Bitbucket Server/Data Center - Command Injection

Title source: llm

Description

There is a command injection vulnerability via environment variables in Bitbucket Server and Data Center. An attacker with permission to control their own username can exploit this issue to execute arbitrary code on the system. The vulnerability can be exploited without authentication if the Bitbucket Server and Data Center instance has enabled “Allow public signup”.

Exploits (1)

metasploit WORKING POC EXCELLENT
by Ry0taK, y4er, Shelby Pace · ruby · poc · unix
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/bitbucket_env_var_rce.rb

Scores

CVSS v3 9.8
EPSS 0.8824
EPSS Percentile 99.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-77
Status published
Products (1)
atlassian/bitbucket 7.0.0 - 7.6.19
Published Nov 17, 2022
Tracked Since Feb 18, 2026