Security News > 2022 > June > Criminal IP analysis report on zero-day vulnerability in Atlassian Confluence
Timeline May 31: Volexity found zero-day vulnerability in Atlassian Confluence.
AI Spera used Criminal IP to determine the number of Atlassian Confluence servers connected to the Internet.
According to the IOC released by Volexity, 15 IPs interacting with webshells on Confluence server were found after the first case of Confluence attack.
If you have access to Confluence through a browser on your PC, you can run the following command with a curl or python script to determine vulnerabilities of your Confluence server.
Https://your confluence address/$ /. If you change the part of your confluence address, you can check it with curl as follows.
The first thing companies or organizations that use Confluence should do is immediately block external access to their Confluence server.
News URL
Related news
- Mozilla Patches Critical Firefox Bug Similar to Chrome’s Recent Zero-Day Vulnerability (source)
- PipeMagic Trojan Exploits Windows Zero-Day Vulnerability to Deploy Ransomware (source)
- Google Reports 75 Zero-Days Exploited in 2024 — 44% Targeted Enterprise Security Products (source)
- Download: Edgescan 2025 Vulnerability Statistics Report (source)