Entreprise d'experts en Sécurité Informatique : Audits et conseils en cybersécurité
Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com


CVE-2021-26084

Description

In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are before version 6.13.23, from version 6.14.0 before 7.4.11, from version 7.5.0 before 7.11.6, and from version 7.12.0 before 7.12.5.

POC

Reference

- http://packetstormsecurity.com/files/164013/Confluence-Server-7.12.4-OGNL-Injection-Remote-Code-Execution.html

- http://packetstormsecurity.com/files/164122/Atlassian-Confluence-WebWork-OGNL-Injection.html

- http://packetstormsecurity.com/files/167449/Atlassian-Confluence-Namespace-OGNL-Injection.html

Github

- https://github.com/0day404/vulnerability-poc

- https://github.com/0x727/ShuiZe_0x727

- https://github.com/0xMarcio/cve

- https://github.com/0xMrNiko/Awesome-Red-Teaming

- https://github.com/0xf4n9x/CVE-2021-26084

- https://github.com/0xsyr0/OSCP

- https://github.com/189569400/Meppo

- https://github.com/1ZRR4H/CVE-2021-26084

- https://github.com/20142995/Goby

- https://github.com/20142995/nuclei-templates

- https://github.com/20142995/pocsuite3

- https://github.com/20142995/sectool

- https://github.com/30579096/Confluence-CVE-2021-26084

- https://github.com/34zY/APT-Backpack

- https://github.com/3stoneBrother/atlassian_pbkdf2_dehash

- https://github.com/4ra1n/poc-runner

- https://github.com/ARPSyndicate/cve-scores

- https://github.com/ARPSyndicate/cvemon

- https://github.com/ARPSyndicate/kenzer-templates

- https://github.com/AdityaBhatt3010/Dork-Like-a-Demon-Shodan-Edition-for-Hackers-and-Bug-Bounty-Hunters

- https://github.com/Amar224/Pentest-Tools

- https://github.com/Andromeda254/cve

- https://github.com/AnonymouID/POC

- https://github.com/ArrestX/--POC

- https://github.com/Awrrays/FrameVul

- https://github.com/BBD-YZZ/Confluence-RCE

- https://github.com/BLACKHAT-SSG/MindMaps2

- https://github.com/BeRserKerSec/CVE-2021-26084-Nuclei-template

- https://github.com/CLincat/vulcat

- https://github.com/CVEDB/PoC-List

- https://github.com/CVEDB/awesome-cve-repo

- https://github.com/CVEDB/top

- https://github.com/ChalkingCode/ExploitedDucks

- https://github.com/CrackerCat/CVE-2021-26084

- https://github.com/Drajoncr/AttackWebFrameworkTools

- https://github.com/FDlucifer/firece-fish

- https://github.com/GhostTroops/TOP

- https://github.com/GlennPegden2/cve-2021-26084-confluence

- https://github.com/H1CH444MREB0RN/PenTest-free-tools

- https://github.com/HimmelAward/Goby_POC

- https://github.com/JERRY123S/all-poc

- https://github.com/JKme/CVE-2021-26084

- https://github.com/Jeromeyoung/CVE-2021-26086

- https://github.com/Jun-5heng/CVE-2021-26084

- https://github.com/KayCHENvip/vulnerability-poc

- https://github.com/Lazykakarot1/Learn-365

- https://github.com/Li468446/Atlassian_Confluence

- https://github.com/Loginsoft-LLC/Linux-Exploit-Detection

- https://github.com/Loginsoft-Research/Linux-Exploit-Detection

- https://github.com/Loneyers/CVE-2021-26084

- https://github.com/Lotus6/ConfluenceMemshell

- https://github.com/Mehedi-Babu/pentest_tools_repo

- https://github.com/Miraitowa70/POC-Notes

- https://github.com/Moros-td/-AUTOMATED-DETECTION-AND-RESPONSE-TO-INFORMATION-SYSTEM-SECURITY-INCIDENTS

- https://github.com/Mr-xn/Penetration_Testing_POC

- https://github.com/NaInSec/CVE-PoC-in-GitHub

- https://github.com/NyxAzrael/Goby_POC

- https://github.com/Ostorlab/KEV

- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors

- https://github.com/Osyanina/westone-CVE-2021-26084-scanner

- https://github.com/PwnAwan/MindMaps2

- https://github.com/R0OtAdm1n/CVE-2021-26084-EXP

- https://github.com/ReAbout/web-sec

- https://github.com/Reclu3a/CVE-2021-26084-Confluence-OGNL

- https://github.com/S3cur3Th1sSh1t/My-starred-Repositories

- https://github.com/S3cur3Th1sSh1t/Pentest-Tools

- https://github.com/SYRTI/POC_to_review

- https://github.com/Sma11New/PocList

- https://github.com/SummerSec/SpringExploit

- https://github.com/TesterCC/exp_poc_library

- https://github.com/TheclaMcentire/CVE-2021-26084_Confluence

- https://github.com/Threekiii/Awesome-POC

- https://github.com/Threekiii/Vulhub-Reproduce

- https://github.com/UGF0aWVudF9aZXJv/Atlassian-Jira-pentesting

- https://github.com/Udyz/CVE-2021-26084

- https://github.com/Vulnmachines/Confluence_CVE-2021-26084

- https://github.com/Waseem27-art/ART-TOOLKIT

- https://github.com/WhooAmii/POC_to_review

- https://github.com/WingsSec/Meppo

- https://github.com/Xc1Ym/cve_2021_26084

- https://github.com/XiaomingX/awesome-poc-for-red-team

- https://github.com/YellowVeN0m/Pentesters-toolbox

- https://github.com/Z0fhack/Goby_POC

- https://github.com/ZZ-SOCMAP/CVE-2021-26084

- https://github.com/ZZ-SOCMAP/Pocs-Exps

- https://github.com/ZZ-SOCMAP/pocs

- https://github.com/al4xs/confluence

- https://github.com/antx-code/CVE-2021-26084

- https://github.com/attacker-codeninja/CVE-2021-26084

- https://github.com/b1gw00d/CVE-2021-26084

- https://github.com/bakery312/Vulhub-Reproduce

- https://github.com/bcdannyboy/CVE-2021-26084_GoPOC

- https://github.com/bigblackhat/oFx

- https://github.com/binganao/vulns-2022

- https://github.com/brunsu/woodswiki

- https://github.com/byteofandri/CVE-2021-26084

- https://github.com/byteofjoshua/CVE-2021-26084

- https://github.com/carlosevieira/CVE-2021-26084

- https://github.com/cc8700619/poc

- https://github.com/ch4t4pt/CVE-2021-26084-EXP

- https://github.com/crowsec-edtech/CVE-2021-26084

- https://github.com/cryptoforcecommand/log4j-cve-2021-44228

- https://github.com/curated-intel/Log4Shell-IOCs

- https://github.com/cyb3r-w0lf/nuclei-template-collection

- https://github.com/cyberanand1337x/bug-bounty-2022

- https://github.com/d4n-sec/d4n-sec.github.io

- https://github.com/demining/Log4j-Vulnerability

- https://github.com/dinhbaouit/CVE-2021-26084

- https://github.com/dock0d1/CVE-2021-26084_Confluence

- https://github.com/dorkerdevil/CVE-2021-26084

- https://github.com/elinakrmova/RedTeam-Tools

- https://github.com/emtee40/win-pentest-tools

- https://github.com/enomothem/PenTestNote

- https://github.com/fardeen-ahmed/Bug-bounty-Writeups

- https://github.com/g1san/Agents-for-Vulnerable-Dockers-and-related-Benchmarks

- https://github.com/h3v0x/CVE-2021-26084_Confluence

- https://github.com/hack-parthsharma/Pentest-Tools

- https://github.com/harsh-bothra/learn365

- https://github.com/hev0x/CVE-2021-26084_Confluence

- https://github.com/hktalent/TOP

- https://github.com/hktalent/bug-bounty

- https://github.com/huike007/penetration_poc

- https://github.com/huimzjty/vulwiki

- https://github.com/huisetiankong478/penetration_poc

- https://github.com/insecrez/Bug-bounty-Writeups

- https://github.com/jagat-singh-chaudhary/bugbounty-365-days

- https://github.com/jared1981/More-Pentest-Tools

- https://github.com/jbmihoub/all-poc

- https://github.com/joydo/CVE-Writeups

- https://github.com/k0mi-tg/CVE-POC

- https://github.com/kdandy/pentest_tools

- https://github.com/kkin77/CVE-2021-26084-Confluence-OGNL

- https://github.com/leoambrus/CheckersNomisec

- https://github.com/lions2012/Penetration_Testing_POC

- https://github.com/lleavesl/CVE-2021-26084

- https://github.com/luck-ying/Library-POC

- https://github.com/ludy-dev/CVE-2021-26084_PoC

- https://github.com/manas3c/CVE-POC

- https://github.com/march0s1as/CVE-2021-26084

- https://github.com/maskerTUI/CVE-2021-26084

- https://github.com/mdisec/mdisec-twitch-yayinlari

- https://github.com/merlinepedra/AttackWebFrameworkTools-5.0

- https://github.com/merlinepedra/Pentest-Tools

- https://github.com/merlinepedra25/AttackWebFrameworkTools-5.0

- https://github.com/merlinepedra25/Pentest-Tools

- https://github.com/merlinepedra25/Pentest-Tools-1

- https://github.com/n0-traces/cve_monitor

- https://github.com/nahcusira/CVE-2021-26084

- https://github.com/nizar0x1f/CVE-2021-26084-patch-

- https://github.com/nizarbamida/CVE-2021-26084-patch-

- https://github.com/nomi-sec/PoC-in-GitHub

- https://github.com/numencyber/atlassian_pbkdf2_dehash

- https://github.com/odaysec/confluPwn

- https://github.com/onewinner/VulToolsKit

- https://github.com/openx-org/BLEN

- https://github.com/orangmuda/CVE-2021-26084

- https://github.com/orgTestCodacy11KRepos110MB/repo-5222-ShuiZe_0x727

- https://github.com/osungjinwoo/confluence

- https://github.com/ouwenjin/-

- https://github.com/p0nymc1/CVE-2021-26084

- https://github.com/pathakabhi24/Pentest-Tools

- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main

- https://github.com/peiqiF4ck/WebFrameworkTools-5.5

- https://github.com/peiqiF4ck/WebFrameworkTools-5.5-enhance

- https://github.com/pen4uin/awesome-pentest-note

- https://github.com/pen4uin/awesome-vulnerability-research

- https://github.com/pen4uin/pentest-note

- https://github.com/pen4uin/vulnerability-research

- https://github.com/pen4uin/vulnerability-research-list

- https://github.com/pipiscrew/timeline

- https://github.com/plzheheplztrying/cve_monitor

- https://github.com/prettyrecon/CVE-2021-26084_Confluence

- https://github.com/quesodipesto/conflucheck

- https://github.com/r0ckysec/CVE-2021-26084_Confluence

- https://github.com/r0eXpeR/supplier

- https://github.com/retr0-13/Pentest-Tools

- https://github.com/rootsmadi/CVE-2021-26084

- https://github.com/rudraimmunefi/source-code-review

- https://github.com/rudrapwn/source-code-review

- https://github.com/shanyuhe/YesPoc

- https://github.com/shengshengli/AttackWebFrameworkTools-5.0

- https://github.com/sma11new/PocList

- https://github.com/smadi0x01/CVE-2021-26084

- https://github.com/smadi0x86/CVE-2021-26084

- https://github.com/smallpiggy/cve-2021-26084-confluence

- https://github.com/soosmile/POC

- https://github.com/suizhibo/MemShellGene

- https://github.com/tangxiaofeng7/CVE-2021-26084_Confluence

- https://github.com/taythebot/CVE-2021-26084

- https://github.com/toowoxx/docker-confluence-patched

- https://github.com/trhacknon/Pocingit

- https://github.com/triw0lf/Security-Matters-22

- https://github.com/tzwlhack/ShuiZe_0x727

- https://github.com/vpxuser/CVE-2021-26084-EXP

- https://github.com/wdjcy/CVE-2021-26084

- https://github.com/weeka10/-hktalent-TOP

- https://github.com/whoforget/CVE-POC

- https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC-

- https://github.com/wolf1892/confluence-rce-poc

- https://github.com/woods-sega/woodswiki

- https://github.com/xanszZZ/pocsuite3-poc

- https://github.com/xuetusummer/Penetration_Testing_POC

- https://github.com/youwizard/CVE-POC

- https://github.com/z0edff0x3d/CVE-2021-26084-Confluence-OGNL

- https://github.com/zecool/cve