15000 Jenkins Servers Exposed to Unauthenticated RCE Attack

A recently identified command injection vulnerability, CVE-2025-53652, in the Jenkins Git Parameter plugin puts approximately 15,000 Jenkins servers at risk of remote code execution (RCE). This flaw could allow attackers to compromise unauthenticated Jenkins servers, potentially leading to significant security breaches.

Root Cause

The vulnerability stems from the way the Git Parameter plugin handles user-provided information. […]

The post 15000 Jenkins Servers Exposed to Unauthenticated RCE Attack appeared first on SecPod Blog.