CVE-2023-22527 - Server-side Template Injection (SSTI) vulnerability allowing Remote Code Execution (RCE) in Confluence Data Center and Confluence Server
Products and versions affected:

| Product | Affected Versions |
|---|---|
| Confluence Data Center and Server | 8.0.x, 8.2.x, 8.3.x, 8.4.x, 8.5.0-8.5.3 |

```
usage: CVE-2023-22527.py [-h] -u URL [-c COMMAND]

options:
  -h, --help            show this help message and exit
  -u URL, --url URL     Atlassian Confluence Server URL
  -c COMMAND, --command COMMAND
                        Command to Execute
```

Example: `python CVE-2023-22527.py -u https://10.10.12.2 -c whoami`

You can use TryHackMe's room "Confluence CVE-2023-22515" to test the exploit, because that room also runs a version of Confluence affected by CVE-2023-22527.