Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Alerts

Jenkins Critical Flaw Sparks Exploits

January 30, 2024
Reading Time: 3 mins read
in Alerts

Security researchers have issued a warning regarding the disclosure of proof-of-concept (PoC) exploits targeting a critical vulnerability, CVE-2024-23897, recently identified in the widely-used Jenkins automation server. Maintained by CloudBees and the Jenkins community, Jenkins supports developers in building, testing, and deploying applications, boasting hundreds of thousands of installations worldwide and over a million users. The platform’s maintainers have addressed nine security vulnerabilities, with CVE-2024-23897 posing a significant risk of remote code execution (RCE). Researchers, including Yaniv Nizry from Sonar, have highlighted the vulnerability’s exploitation potential, particularly through the abuse of the default character encoding to read arbitrary files on the Jenkins controller file system.

The critical flaw stems from the platform’s use of the args4j library to parse command line interface (CLI) command arguments, where a default feature (‘expandAtFiles’) replaces the ‘@’ character followed by a file path in an argument with the file’s content. This feature, enabled by default in Jenkins versions 2.441 and earlier, LTS 2.426.2 and earlier, allows attackers to manipulate the character encoding to read files on the controller file system. Depending on the attacker’s permissions, entire files or the first three lines can be accessed, raising concerns about potential exposure of cryptographic keys used in various Jenkins features. Security researcher Florian Roth warns of weaponized PoC exploits circulating, while German Fernandez notes a substantial vulnerability exploitation, identifying over 75,000 internet-facing instances through Shodan queries.

As PoC exploits become public, the threat landscape intensifies, with the availability of these exploits expected to attract multiple threat actors seeking to exploit the vulnerability in attacks. The emergence of these exploits further underscores the urgency for Jenkins users to update their systems promptly, implement security measures, and stay vigilant against potential cyber threats exploiting this critical flaw.

References:
  • Jenkins Security Advisory 2024-01-24 
  • This vulnerability in Jenkins is serious CVE-2024-23897. POCs have been published
  • Critical CVE-2024-23897 in Jenkins allows unauthenticated attackers to partially leak files and authenticated attackers to leak entire files
  • CVE-2024-23897: Unauthenticated Arbitrary File Read vulnerability could lead to RCE on Jenkins servers.
Tags: Cyber AlertCyber Alerts 2024Cyber RiskCyber threatJanuary 2024JenkinsProof-of-concept (PoC)Vulnerabilities
ADVERTISEMENT

Related Posts

Hackers Use Leaked Shellter License Malware

Windows BitLocker Vulnerability Flaw

July 9, 2025
Hackers Use Leaked Shellter License Malware

Hackers Use Leaked Shellter License Malware

July 9, 2025
Hackers Use Leaked Shellter License Malware

Anatsa Android Trojan Targets 90K Users

July 9, 2025
AMOS Mac Stealer Adds Persistent Backdoor

AMOS Mac Stealer Adds Persistent Backdoor

July 8, 2025
AMOS Mac Stealer Adds Persistent Backdoor

NordDragonScan Malware Steals Windows Data

July 8, 2025
AMOS Mac Stealer Adds Persistent Backdoor

New Ransomware BERT Targets ESXi Systems

July 8, 2025

Latest Alerts

Windows BitLocker Vulnerability Flaw

Anatsa Android Trojan Targets 90K Users

Hackers Use Leaked Shellter License Malware

New Ransomware BERT Targets ESXi Systems

NordDragonScan Malware Steals Windows Data

AMOS Mac Stealer Adds Persistent Backdoor

Subscribe to our newsletter

    Latest Incidents

    Credit Reports Breached And Sold On Dark Web

    Recruiting Software Exposed 26M Resumes

    Norwegian Municipalities Hit by Data Breach

    French Chip Firm Semco Hacked During IPO

    Louis Vuitton Korea Hit By Cyberattack

    Virginia School District Hit By Cyberattack

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial