漏洞描述
Atlassian Confluence Server 7.5.1版存在预授权任意文件读取漏洞。攻击者可利用该漏洞在未授权的情况下,构造恶意数据执行文件读取攻击,最终造成服务器部分文件信息泄露。
Atlassian Confluence 任意文件读取(CVE-2021-26085)
PoC代码
暂无相关漏洞推荐
- Atlassian Confluence /json/setup-restore.action 文件上传漏洞(CVE-2023-22518)
- POC CVE-2015-8399: Atlassian Confluence <5.8.17 - Information Disclosure
- POC CVE-2019-3396: Atlassian Confluence Server - Path Traversal
- POC CVE-2019-3398: Atlassian Confluence Download Attachments - Remote Code Execution
- POC CVE-2021-26085: Atlassian Confluence Server - Local File Inclusion
- POC CVE-2023-22515: Atlassian Confluence - Privilege Escalation
- POC CVE-2023-22518: Atlassian Confluence Server - Improper Authorization
- POC CVE-2023-22527: Atlassian Confluence - Remote Code Execution
- POC CVE-2024-21683: Atlassian Confluence Data Center and Server - Remote Code Execution
- POC CVE-2015-8399: Atlassian Confluence configuration files read
- POC CVE-2022-26134: Atlassian Confluence OGNL注入漏洞
- POC CVE-2023-22515: Atlassian Confluence - Privilege Escalation
- POC CVE-2023-22518: Atlassian Confluence Server - Improper Authorization