CVE-2024-21683

Published: 21/05/2024 Updated: 22/05/2024

Vulnerability Summary

This high-severity RCE (Remote Code Execution) vulnerability was introduced in version 5.2 of Confluence Data Center and Server. With a CVSS score of 8.3, it allows an authenticated malicious user to execute arbitrary code, with high impact to confidentiality, high impact to integrity and high impact to availability, and requires no user interaction. Atlassian recommends that Confluence Data Center and Server customers upgrade to the latest version. If you are unable to do so, upgrade your instance to one of the specified supported fixed versions. See the release notes at confluence.atlassian.com/doc/confluence-release-notes-327.html. You can download the latest version of Confluence Data Center and Server from the download center at www.atlassian.com/software/confluence/download-archives. This vulnerability was found internally.

Github Repositories

CVE-2024-21683 Post Auth RCE

CVE-2024-21683-RCE

Usage:
git clone github.com/W01fh4cker/CVE-2024-21683-RCE
cd CVE-2024-21683-RCE
pip install requests bs4
python CVE-2024-21683.py -u 192.168.198.1:8090 -au admin -ap admin -f exploit.js -n test -p 127.0.0.1:8083

exploit.js: new java.lang.ProcessBuilder["(java.lang.String[])"](["calce

CVE-2024-21683 POC

POST /admin/plugins/newcode/addlanguage.action HTTP/1.1
Host: localhost:8090
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:126.0) Gecko/20100101 Firefox/126.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: multipart/form-d

Chained exploit to achieve unauthenticated RCE on Confluence Data Center and Server, using CVE-2024-21683 as the RCE and an undisclosed auth bypass.

CVE-2024-21683 is an RCE (remote code execution) vulnerability which affects both Confluence Server and Data Center. Details: CVE-2024-21683 itself is an authenticated RCE vulnerability which gives an attacker the ability to execute commands as the confluence user and requires no user interaction; this vulnerability can be dangerous when chained with an authentication bypass to gain u

This vulnerability allows an unauthenticated attacker to remotely execute arbitrary code on a vulnerable Confluence server. The vulnerability exists due to an improper validation of user-supplied input in the Confluence REST API. This allows an attacker to inject malicious code into the Confluence server, which can then be executed by the server

-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server

This vulnerability allows an unauthenticated attacker to remotely execute arbitrary code on a vulnerable Confluence server. The vulnerability exists due to an improper validation of user-supplied input in the Confluence REST API. This allows an attacker to inject malicious code into the Confluence server, which can then b
