module
Atlassian Confluence Administrator Code Macro Remote Code Execution
| Disclosed | Created |
|---|---|
| 05/21/2024 | 07/11/2024 |
Disclosed
05/21/2024
Created
07/11/2024
Description
This module exploits an authenticated administrator-level vulnerability in Atlassian Confluence,
tracked as CVE-2024-21683. The vulnerability exists due to the Rhino script engine parser evaluating
tainted data from uploaded text files. This facilitates arbitrary code execution. This exploit will
authenticate, validate user privileges, extract the underlying host OS information, then trigger
remote code execution. All versions of Confluence prior to 7.17 are affected, as are many versions
up to 8.9.0.
tracked as CVE-2024-21683. The vulnerability exists due to the Rhino script engine parser evaluating
tainted data from uploaded text files. This facilitates arbitrary code execution. This exploit will
authenticate, validate user privileges, extract the underlying host OS information, then trigger
remote code execution. All versions of Confluence prior to 7.17 are affected, as are many versions
up to 8.9.0.
Authors
Ankita SawlaniHuong KieuW01fh4ckerremmons-r7
Platform
Linux,Unix,Windows
Architectures
cmd
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands ‘show options’ or ‘show advanced’:
msf > use exploit/multi/http/atlassian_confluence_rce_cve_2024_21683
msf /(3) > show actions
...actions...
msf /(3) > set ACTION < action-name >
msf /(3) > show options
...show and set options...
msf /(3) > run
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.