Exploit for Deserialization of Untrusted Data in Atlassian Bitbucket Data Center CVE-2022-26133

Name: Exploit for Deserialization of Untrusted Data in Atlassian Bitbucket Data Center CVE-2022-26133
Rating: 5 (238 reviews)

2022-06-03 | CVSS 7.5

## https://sploitus.com/exploit?id=C8AD0AD4-355C-517A-B0D2-0405C8CF723A
# CVE-2022-26133




## 说明

Atlassian Bitbucket Data Center 反序列化漏洞(CVE-2022-26133) 批量验证和利用

![image-20220510141355733](images/image-20220510141355733.png)



## 漏洞验证

![image-20220509202724404](images/image-20220509202724404.png)

批量

```
python3 CVE-2022-26133.py -u http://192.168.110.136:7990 -f target.txt
```



## 漏洞利用

![image-20220511095619698](images/image-20220511095619698.png)

![image-20220511095801769](images/image-20220511095801769.png)

***声明：该工具仅用于合法的，经过授权的渗透测试，公司内部安全检查与研究使用。由于使用本工具带来的不良后果由使用者本人负责。***