6 matches found

The Hacker News
added 2022/02/16 2:3 p.m. | 32 views

TrickBot Malware Targeted Customers of 60 High-Profile Companies Since 2020

The notorious TrickBot malware is targeting customers of 60 financial and technology companies, including cryptocurrency firms, primarily located in the U.S., even as its operators have updated the botnet with new anti-analysis features. "TrickBot is a sophisticated and versatile malware with mor...

0.9 AI score
Exploits: 0
0day.today
added 2019/03/19 12:0 a.m. | 291 views

Jenkins 2.137 and Pipeline Groovy Plugin 2.61 - ACL Bypass and Metaprogramming RCE Exploit

This Metasploit module exploits a vulnerability in Jenkins dynamic routing to bypass the Overall/Read ACL and leverage Groovy metaprogramming to download and execute a malicious JAR file. The ACL bypass gadget is specific to Jenkins versions 2.137 and below and will not work on later versions of...

8.8 CVSS | 0.1 AI score | 0.94443 EPSS
Exploits: 17
Packet Storm
added 2019/03/19 12:0 a.m. | 109 views

Jenkins ACL Bypass / Metaprogramming Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Jenkins ACL Bypass and Metaprogramming RCE', 'Description' = %q This module exploits a vulnerability in Jenkins dynamic routing to bypass the...

6.5 CVSS | 0.8 AI score | 0.94443 EPSS
Exploits: 17
Exploit DB
added 2019/03/19 12:0 a.m. | 126 views

Jenkins 2.137 and Pipeline Groovy Plugin 2.61 - ACL Bypass and Metaprogramming Remote Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Jenkins ACL Bypass and Metaprogramming RCE', 'Description' = %q This module exploits a vulnerability in Jenkins dynamic routing to bypass the...

7.8 AI score
Exploits: 0
Circl
added 2019/03/18 12:37 p.m. | 3 views

CVE-2019-1003005

creationtimestamp | type | source
---|---|---
2019-03-18 12:37:31+00:00 | seen | https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/jenkinsmetaprogramming.rb
2022-07-31 07:01:12+00:00 | published-proof-of-concept | https://t.me/poxek/2140
2023-04-06 10:40:22+00:00|...

8.8 CVSS | 8.1 AI score | 0.74186 EPSS
Exploits: 3 | References: 3
Metasploit
added 2019/03/16 5:32 a.m. | 377 views

Jenkins ACL Bypass and Metaprogramming RCE

This module exploits a vulnerability in Jenkins dynamic routing to bypass the Overall/Read ACL and leverage Groovy metaprogramming to download and execute a malicious JAR file. When the "Java Dropper" target is selected, the original entry point based on classLoader.parseClass is used, which...

9.9 CVSS | 8 AI score | 0.94485 EPSS
Exploits: 19