Share
## https://sploitus.com/exploit?id=E1CFC9F2-A6A8-5373-8679-A450C00E27CA
# CVE-2023-22527
CVE-2023-22527 - RCE (Remote Code Execution) Vulnerability in Out-of-Date Versions of Confluence Data Center and Server

Advisory Release Date	Tue, Jan 16 2024 01:00 EST

### Products: 
- Confluence Data Center  
- Confluence Server

### Affected Versions:
- 8.0.x
- 8.1.x
- 8.2.x
- 8.3.x
- 8.4.x
- 8.5.0-8.5.3
- 7.19.x LTS versions are not affected by this vulnerability

### References:

https://confluence.atlassian.com/security/cve-2023-22527-rce-remote-code-execution-vulnerability-in-confluence-data-center-and-confluence-server-1333990257.html?subid=1812250057&jobid=106379017&utm_campaign=confluence-critical-advisory_EML-17850&utm_medium=email&utm_source=alert-email

https://jira.atlassian.com/browse/CONFSERVER-93833

# Usages
### Building the exploit
```
go build -o cve-2023-22527.exe
```
### Exploit
```
cve-2023-22527.exe -I {{target_IP}} -p {{target_Port}}
```
After you built main.go, u're free to exploit.
```
go run main.go -I {{target_IP}} -p {{target_Port}}
```
# PoC
![299332841-b130b1ff-c697-4e46-b94d-201821697363](https://github.com/merimael/CVE-2023-22527/assets/129992461/cb3b0cd7-1f53-4a33-b73c-85c26726e44e)

# Contact me
twitter --> https://twitter.com/m3rim4el
linkedin --> https://www.linkedin.com/in/merimael