Pwning Confluence via OGNL Injection for fun and learning - CVE-2023-22527

CVEs

9.8 Critical Severity

Summary

An OGNL injection vulnerability exists in some older versions of Confluence Data Center and Server, allowing an unauthenticated attacker to achieve RCE on affected instances. This post covers how to set up your own vulnerable Confluence server instance and exploit it to get a shell on the server. We also go a step further and discuss what an attacker would do next. Lastly, we examine the tracebacks from a failed OGNL injection to understand how the payload travels from the HTTP POST request to the sink.

Description

@secatgourity
