## https://sploitus.com/exploit?id=4C46EE7E-69CB-5A08-A6AB-0F07A4183242
# CVE-2024-23897
Jenkins RCE Arbitrary File Read CVE-2024-23897 

Usage:
python poc.py http://127.0.0.1:8888/ [/etc/passwd]

Update:
Update to Jenkins 2.442, LTS 2.426.3

Fix:
If you can't update to the latest version, disable access to the CLI; this should completely eliminate the possibility of exploitation.
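
Patch-level triage against the fixed releases listed under Update, as an added example (not part of the original PoC repository). It assumes you already have each controller's reported version string (Jenkins sends it in the `X-Jenkins` response header) and that three-part versions are LTS and two-part versions are weekly; the hostnames and inventory are constructed.

```python
import re

# Fixed releases as listed on this page.
FIXED_WEEKLY = (2, 442)
FIXED_LTS = (2, 426, 3)


def parse_version(raw):
    """Return the version as a tuple of ints, or None if it is not a plain
    weekly (X.Y) or LTS (X.Y.Z) version string."""
    m = re.fullmatch(r"\s*(\d+)\.(\d+)(?:\.(\d+))?\s*", raw or "")
    if not m:
        return None
    return tuple(int(p) for p in m.groups() if p is not None)


def triage(raw):
    """Classify a reported Jenkins version as 'fixed', 'vulnerable' or 'unknown'."""
    v = parse_version(raw)
    if v is None:
        return "unknown"  # e.g. snapshot or custom builds: check manually
    # Assumption: three components means LTS line, two means weekly line.
    baseline = FIXED_LTS if len(v) == 3 else FIXED_WEEKLY
    return "fixed" if v >= baseline else "vulnerable"


def triage_inventory(inventory):
    """Map host -> status for a {host: version_string} inventory."""
    return {host: triage(ver) for host, ver in inventory.items()}


# Constructed sample inventory (hostnames and versions are made up).
SAMPLE = {
    "ci-weekly-old.example": "2.441",
    "ci-weekly-new.example": "2.442",
    "ci-lts-old.example": "2.426.2",
    "ci-lts-new.example": "2.426.3",
    "ci-lts-later.example": "2.440.1",
    "ci-custom.example": "2.430-SNAPSHOT",
}

if __name__ == "__main__":
    for host, status in triage_inventory(SAMPLE).items():
        print(f"{host:26} {SAMPLE[host]:16} {status}")
```

Controllers reported as `vulnerable` or `unknown` are the ones to update or, failing that, to have CLI access disabled as described under Fix.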