# Exploit for CVE-2022-26134: Confluence Pre-Auth Remote Code Execution via OGNL Injection

 _Another exploit in OGNL Land_

## Description

Confluence is a web-based corporate wiki developed by Australian software company Atlassian.
On June 02, 2022 Atlassian released a security advisory for their Confluence Server and Data Center applications, highlighting a critical severity unauthenticated remote code execution vulnerability. The OGNL injection vulnerability allows an unauthenticated user to execute arbitrary code on a Confluence Server or Data Center instance.
## Setup

To setup your lab, run `` and follow the instructions given [here](

## Usage

$ ./                          
usage: [-h] -u URL error: the following arguments are required: -u/--url 

$  ./ -u
๐Ÿ”— URL:
๐Ÿ‘‰ (id): whoami

## References

- Infosec Twitter