## https://sploitus.com/exploit?id=E4EAC92F-32F7-51E4-AAD1-54C75BC7DC7C
# CVE-2024-23897
### CVE-2024-23897 - Arbitrary file read vulnerability through the CLI can lead to RCE
![image](https://github.com/yoryio/CVE-2024-23897/assets/134471901/cb2af884-9607-4e67-be70-447699d51ce8)
*Products and Versions affected:*
| Product | Affected Versions |
| :-------------------------------- | :------------------------------------------------------- |
| Jenkins (core) | weekly <= 2.441 <br /> LTS <= 2.426.2 (first fixed releases: 2.442 and LTS 2.426.3) |
- **CVSS:** CRITICAL (NVD CVSS 3.1 base score 9.8)
- **Actively Exploited:** [YES](https://www.helpnetsecurity.com/2024/01/29/cve-2024-23897/)
- **Patch:** [YES](https://www.jenkins.io/security/advisory/2024-01-24/)
- **Mitigation:** [YES](https://github.com/jenkinsci-cert/SECURITY-3314-3315/)
# Help
```
usage: CVE-2024-23897.py [-h] -c COUNTRY

options:
  -h, --help            show this help message and exit
  -c COUNTRY, --country COUNTRY
                        Country to scan with Shodan
```
**Example:** `python CVE-2024-23897.py -c US` (two-letter ISO 3166-1 country code, as used by Shodan's `country:` filter)
# Lab
You can use the official Jenkins Docker image pinned to a vulnerable version (2.414.3 is an LTS release below the fixed 2.426.3):
```
docker pull jenkins/jenkins:2.414.3-jdk17
```
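Once a Jenkins instance is up (the image above listens on port 8080 by default), the quickest way to tell whether it falls in the affected range is the `X-Jenkins` response header, which carries the version string. The script below is an added example, not part of this repository's tool: it parses that header and compares it against the correct fix boundary for its release line (weekly 2.442 vs LTS 2.426.3), which matters because a naive numeric comparison would mis-classify LTS builds. The function names, the `fetch_jenkins_version` helper and the sample header values are my own.

```python
"""Decide from the X-Jenkins response header whether an instance falls in the
CVE-2024-23897 affected range.

Added example (not part of the yoryio/CVE-2024-23897 tool). Boundaries are
taken from the Jenkins Security Advisory 2024-01-24: weekly releases up to
and including 2.441 and LTS releases up to and including 2.426.2 are
affected; 2.442 and 2.426.3 are the first fixed releases.
"""
import re
import urllib.error
import urllib.request

FIXED_WEEKLY = (2, 442)     # first fixed weekly release
FIXED_LTS = (2, 426, 3)     # first fixed LTS release

# Weekly releases look like "2.441", LTS releases like "2.426.2".
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?")


def parse_version(header_value):
    """Turn an X-Jenkins header value into an int tuple, or None if it is not
    a Jenkins version (header missing, or rewritten by a proxy)."""
    if header_value is None:
        return None
    m = _VERSION_RE.match(header_value.strip())
    if not m:
        return None
    return tuple(int(p) for p in m.groups() if p is not None)


def is_affected(header_value):
    """True if the reported version is in the affected range, False if it is
    a fixed release, None if the version could not be parsed.

    LTS and weekly lines must be compared against their own fix version: LTS
    2.426.2 is affected even though 2.426 < 2.442 on the weekly line.
    """
    version = parse_version(header_value)
    if version is None:
        return None
    if len(version) == 3:            # three components: LTS line
        return version < FIXED_LTS
    return version < FIXED_WEEKLY    # two components: weekly line


def fetch_jenkins_version(base_url, timeout=5):
    """Read X-Jenkins from a live instance. Jenkins sends the header even on
    the 403 page shown to anonymous clients, so read it from HTTPError too.
    (Live network call; not exercised by the offline sample below.)"""
    req = urllib.request.Request(base_url, method="HEAD")
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return resp.headers.get("X-Jenkins")
    except urllib.error.HTTPError as err:
        return err.headers.get("X-Jenkins")


def triage(headers):
    """Group observed X-Jenkins values into affected / fixed / unknown."""
    result = {"affected": [], "fixed": [], "unknown": []}
    for value in headers:
        verdict = is_affected(value)
        key = "unknown" if verdict is None else ("affected" if verdict else "fixed")
        result[key].append(value)
    return result


if __name__ == "__main__":
    # Constructed sample of header values, not real scan output.
    sample = ["2.414.3", "2.426.2", "2.426.3", "2.441", "2.442", "2.440.1", None, "nginx"]
    print(triage(sample))
    # Against the lab container started from the image above (port 8080 published):
    # print(is_affected(fetch_jenkins_version("http://127.0.0.1:8080/")))
```

Treat `unknown` results as "go look": a reverse proxy that strips `X-Jenkins` hides the version but not the vulnerable CLI endpoint.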
# Global Jenkins Servers with Shodan
- **Shodan query:**
```
http.favicon.hash:81586312
```
![Screenshot from 2024-01-26 23-07-40](https://github.com/yoryio/CVE-2024-23897/assets/134471901/97ed0259-32b3-43cf-aefc-d71853fefffd)
# References
- [Jenkins Security Advisory 2024-01-24](https://www.jenkins.io/security/advisory/2024-01-24/)
- [Excessive Expansion: Uncovering Critical Security Vulnerabilities in Jenkins](https://www.sonarsource.com/blog/excessive-expansion-uncovering-critical-security-vulnerabilities-in-jenkins/)
- [Breaking Down CVE-2024-23897: PoC Code Surfaces Just After Jenkins Advisory](https://securityonline.info/breaking-down-cve-2024-23897-poc-code-surfaces-just-after-jenkins-advisory/)
- [Allegedly active exploitation](https://twitter.com/shoucccc/status/1750601321831633026)
- [Critical Jenkins RCE flaw exploited in the wild. Patch now! (CVE-2024-23897)](https://www.helpnetsecurity.com/2024/01/29/cve-2024-23897/)