Share
## https://sploitus.com/exploit?id=4307349B-98B0-529A-A91C-4B33146FDE02
# CVE-2019-3396
CVE-2019-3396 confluence SSTI RCE
## π What is CVE-2019-3396?
* A **critical Confluence bug** (Atlassian).
* Type: **Template Injection + Path Traversal**.
* Risk: **Remote Code Execution (RCE)** without login.
* Status: **Exploited in the wild**.
---
## π Affected Versions
* **6.6.0 β 6.6.11** β vulnerable
* **6.6.12** β
fixed
* **6.12.0 β 6.12.2** β vulnerable
* **6.12.3** β
fixed
* **6.13.0 β 6.13.2** β vulnerable
* **6.13.3** β
fixed
* **6.14.0 β 6.14.1** β vulnerable
* **6.14.2** β
fixed
π Always check Atlassianβs official advisory for full details.
---
## π₯ Impact
* Full **server takeover**
* **Data theft**, ransomware, crypto-miners
* Attackers can run **any code they want**
---
## π Mitigation
* β
**Upgrade** to patched Confluence version (best fix)
* π« Disable **Widget Connector** macro if you canβt patch right away
* π Limit access (internal only until fixed)
---
## π Detection (safe tips)
* Watch logs for strange requests hitting macro/preview endpoints
* Look for weird processes or outbound traffic
* Use vulnerability scanners to confirm version
---
## π File Read
---
β οΈ **TIP** β this repo is only for **education, defense, and awareness**.
---
## π References
* [Atlassian Advisory](https://confluence.atlassian.com/security) π’
* [NVD Entry for CVE-2019-3396](https://nvd.nist.gov/vuln/detail/CVE-2019-3396) π‘οΈ