module
Atlassian Confluence Administrator Code Macro Remote Code Execution
| Disclosed | Created |
|---|---|
| 2024-05-21 | 2024-07-11 |
Disclosed
2024-05-21
Created
2024-07-11
Description
This module exploits an authenticated administrator-level vulnerability in Atlassian Confluence,
tracked as CVE-2024-21683. The vulnerability exists due to the Rhino script engine parser evaluating
tainted data from uploaded text files. This facilitates arbitrary code execution. This exploit will
authenticate, validate user privileges, extract the underlying host OS information, then trigger
remote code execution. All versions of Confluence prior to 7.17 are affected, as are many versions
up to 8.9.0.
tracked as CVE-2024-21683. The vulnerability exists due to the Rhino script engine parser evaluating
tainted data from uploaded text files. This facilitates arbitrary code execution. This exploit will
authenticate, validate user privileges, extract the underlying host OS information, then trigger
remote code execution. All versions of Confluence prior to 7.17 are affected, as are many versions
up to 8.9.0.
Authors
Ankita Sawlani
Huong Kieu
W01fh4cker
remmons-r7
Huong Kieu
W01fh4cker
remmons-r7
Platform
Linux,Unix,Windows
Architectures
cmd
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands ‘show options’ or ‘show advanced’:
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.