HomeCyber Balkans45K+ Publicly Exposed Jenkins Instances Vulnerable to Remote Code Execution Attacks

45K+ Publicly Exposed Jenkins Instances Vulnerable to Remote Code Execution Attacks

Published on

spot_img

A new critical vulnerability has been discovered in Jenkins, which has been associated with unauthenticated arbitrary file reads that can be utilized by threat actors to gain access to sensitive files on the server. The vulnerability has been identified as CVE-2024-23897, and the severity of the threat is yet to be categorized.

According to reports, there has been a massive scan of Jenkins servers over the internet, with more than 45,000 publicly available instances currently online. The high number of these exposed servers poses a significant risk, especially in light of the recently discovered vulnerability.

Jenkins holds a significant market share of 43%, making it one of the most widely used open-source CI/CD servers across various organizations. This high percentage of market share places the software as a primary target for threat actors looking to exploit vulnerabilities.

The CVE-2023-23897 vulnerability does not require any authentication on vulnerable instances, making it particularly susceptible to exploitation. Even individuals with minimal technical skills can easily identify whether a specific Jenkins instance is vulnerable using a simple cURL command with only the IP address and port number of the server.

Furthermore, reports from Shadowserver have revealed that there are more than 45,000 servers that could be exploited if they have been misconfigured. In addition to the CVE-2023-23897 vulnerability, another unauthenticated remote code execution vulnerability has been identified, which could allow threat actors to execute arbitrary commands on the vulnerable instances.

China has the highest number of exposed Jenkins instances, with nearly 12,000 servers, followed by the United States of America with 11,830 servers. Germany and India also have a significant number of servers at risk, with approximately 3000 and 2500 servers respectively.

To address these vulnerabilities and mitigate the risks posed by the exposed servers, it is essential for organizations to ensure that their Jenkins servers are upgraded to the latest versions. This proactive measure can help prevent these servers from being exploited by threat actors looking to take advantage of the identified vulnerabilities.

In light of these recent developments, it is crucial that organizations prioritize the security of their Jenkins servers and take the necessary steps to safeguard their data and systems from potential exploitation.

Source link

Latest articles

RedWing Android Spyware Rental Service Available on Telegram

RedWing: A New Threat in Android Spyware Linked to Russian Actors Recent investigations by security...

Vidar Stealer and XMRig Miner Operation

Cybercriminals Employ Dual-Monetization Tactics to Steal Data and Mine Cryptocurrency Recent research from Unit 42,...

Top 40 Major Cybersecurity Events of the Week, July 2026

Cybersecurity Newsletter Roundup: Major Incidents from July 6–10, 2026 In its latest edition, the GBHackers...

OnlyFans DMCA Complaints Target Hacked Government Sites

Security Breach: Thousands of Government Websites Compromised by Scammers In a wide-reaching attack, thousands of...

More like this

RedWing Android Spyware Rental Service Available on Telegram

RedWing: A New Threat in Android Spyware Linked to Russian Actors Recent investigations by security...

Vidar Stealer and XMRig Miner Operation

Cybercriminals Employ Dual-Monetization Tactics to Steal Data and Mine Cryptocurrency Recent research from Unit 42,...

Top 40 Major Cybersecurity Events of the Week, July 2026

Cybersecurity Newsletter Roundup: Major Incidents from July 6–10, 2026 In its latest edition, the GBHackers...