CVE-2016-0792 PoC — CloudBees Jenkins CI和LTS 任意代码执行漏洞

Source

https://github.com/bugdotexe/CVE-2016-0792

Associated Vulnerability

Title:CloudBees Jenkins CI和LTS 任意代码执行漏洞 (CVE-2016-0792)
Description:CloudBees Jenkins是美国CloudBees公司的一款基于Java开发的开源的、可持续集成的自动化服务器，它主要用于监控持续的软件版本发布/测试项目和一些定时执行的任务。LTS（Long-Term Support）是CloudBees Jenkins的一个长期支持版本。 CloudBees Jenkins CI 1.650之前版本和LTS 1.642.2之前版本的API端点存在安全。远程攻击者可借助XML文件中的序列化数据利用该漏洞执行任意代码。

Description

CVE-2016-0792 Exploit By XBOW AI

Readme

# CVE-2016-0792
CVE-2016-0792 Exploit By XBOW AI

File Snapshot


 [4.0K]  /data/pocs/19b2ad48421d853e030f7499207029563b825c4c
├── [4.9K]  CVE-2016-0792.py
└── [  49]  README.md

1 directory, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!