CVE-2022-36804-POC

A critical vulnerability (CVE-2022-36804) in Atlassian Bitbucket Server and Data Center could be exploited by unauthorized attackers to execute malicious code on vulnerable instances.

affected versions

All versions of Bitbucket Server and Data Center released before versions 7.6.17, 7.17.10, 7.21.4, 8.0.3, 8.1.2, 8.2.2, and 8.3.1 are vulnerable

POC:

the poc is written in python with multi functionality(multi threading, list of ips, light weight, interactive shell...)

this upload comes with list of servers(mostly vulnerable)

as of writting this there isnt any public poc for this vulnerability

use at your own risk there is no way to avoid abuse: https://satoshidisk.com/pay/CGMSap