Hello, the new CVE-2024-43044 leads to RCE.
The exploit will use the vulnerability to read files to forge a remember-me cookie for an admin account and gain access to the Jenkins scripting engine.
Blog: https://blog.convisoappsec.com/en/analysis-of-cve-2024-43044/
Dorks:
HUNTER:/product.name="Jenkins"
SHODAN: product: "Jenkins"
FOFA: app="Jenkins"
ZoomEye: app: "Jenkins"
POC: https://github.com/convisolabs/CVE-2024-43044-jenkins
Mass Check Vuln: https://github.com/HwMex0/CVE-2024-43044