Write a blog analysis for a CVE
Summary
An OGNL injection vulnerability exists in some older versions of Confluence Data Center and Server, allowing an unauthenticated attacker to achieve RCE on affected instances. This post covers how to set up your own vulnerable Confluence server instance and exploit it to get a shell on the server. We also go a step further and discuss what an attacker would do next. Lastly, we examine the tracebacks from a failed OGNL injection to understand how the payload travels from the HTTP POST request to the sink.