Summary

In this post, we will understand how the automated exploit to pwn Confluence and achieve the eternal RCE on it leveraging CVE-2023-22527. Already having analyzed this CVE in the past and covering the manual exploitation, this post gives us an opportunity to look at the automation side of things.

Script link

GitHub - Manh130902/CVE-2023-22527-POC: A critical severity Remote Code Execution (RCE) vulnerability (CVE-2023-22527) was discovered in Confluence Server and Data Center.

A critical severity Remote Code Execution (RCE) vulnerability (CVE-2023-22527) was discovered in Confluence Server and Data Center. - GitHub - Manh130902/CVE-2023-22527-POC: A critical severity Re…

Description