writeups.xyz / From Shodan to RCE: That one time I hacked a Fortune 500 company.

Submitter : c2a

Date: 8 August 2022

Bounty : undisclosed

Vulnerabilities :

• Missing Authentication
• Arbitrary File Read
• RCE
• Exposed Jenkins Instance

Programs :

• Undisclosed

Authors :

• Vimanari_ (@Vimanari_)

Link :
https://systemweakness.com/rooting-jenkins-remote-code-execution-on-a-live-bug-bounty-target-fc2c12d89a2e