by vicarius
log in join community
by @secatgourity
17 Jun 2024
#existing_exploit_analysis

Analyze a CVE exploitation

publish

Detecting file read in Jenkins (CVE-2024-23897)

by @secatgourity
by @secatgourity
17 Jun 2024
#existing_exploit_analysis

Analyze a CVE exploitation

publish

Detecting file read in Jenkins (CVE-2024-23897)

CVEs

CVE-2024-23897
9.8 Critical Severity

Screenshots from the blog posts

images/clxhu2m6z161j1hokc1qq7y5c.pngimages/clxhu2m6z161j1hokc1qq7y5c.png

Summary

In this post, we will analyze the file read exploit for Jenkins (CVE-2024-23897) and see how to exploit a vulnerable target in action!

Script link

CVE-2024-23897/CVE-2024-23897.py at main · Vozec/CVE-2024-23897

This repository presents a proof-of-concept of CVE-2024-23897 - Vozec/CVE-2024-23897

image

Description

Tags

#easy_to_exploit#DevOps#open-source#arbitrary_file_read#jenkins#automation-server

@secatgourity

190 posts

Total vcoins

0

Social media links

Comments (0)