ronin-rb / community-pocs

A repository of PoCs for ronin-exploits
https://ronin-rb.dev
GNU General Public License v3.0

Add PoC exploit for CVE-2024-23897 #41

Open postmodern opened 5 months ago

postmodern commented 5 months ago

Add a PoC exploit for CVE-2024-23897, an arbitrary file-read in Jenkins <= 2.441 and <= LTS 2.426.2.

Reference PoCs

Note: some of these PoCs rely on executing the jenkins-ci.jar to interact with the Jenkins server. I prefer the PoCs that directly send the HTTP requests.

Vuln App

How to Submit a PoC

See the CONTRIBUTING file for instructions on how to submit a PoC exploit.