Jenkins CLI HTTP Java Deserialization
Posted by deepcore on May 17, 2018 – 12:24 pm
This Metasploit module exploits a vulnerability in Jenkins. An unsafe deserialization bug exists on the Jenkins, which allows remote arbitrary code execution via HTTP. Authentication is not required to exploit this vulnerability.
Post a reply
You must be logged in to post a comment.