Multiple Remote Code Execution Vulnerabilities in JumpServer



The SonicWall Capture Labs threat research team became aware of a couple of remote code execution vulnerabilities in JumpServer, assessed their impact and developed mitigation measures. JumpServer is an open-source bastion host and a professional operation and maintenance security audit system with a substantial presence in the China region. A bastion host is a specialized computer, intentionally exposed on a public network, designed to withstand attacks on a network named after a military fortification.

Identified as CVE-2024-29201 and CVE-2024-29202, JumpServer before version 3.10.7 allows low-privileged threat actors to execute arbitrary code within the Celery container with root privileges, earning a critical CVSS score of 9.9.

Technical Overview


This vulnerability arises due to a flaw in the input validation mechanism in JumpServer’s Ansible (An IT automation engine), which allows a threat actor with a low-privileged user account to execute arbitrary code in the context of a root user within one of its containers named ‘jms_celery’.

JumpServer enforces a mechanism to disallow the usage of a set of unsafe keywords to prevent users from running local injection commands while running a playbook job, as seen in Figure 1 (left). However, it can be circumvented using the Unicode representation of the character in place of the actual character, for instance, ‘\u0064’ instead of the character ‘d’. Figure 1 (right) illustrates an example of a malicious template that could exploit this vulnerability by running the command specified in the ‘shell’ field. It can be used to create a playbook job and then run a job to execute a specified command.

Figure 1: The set of defined unsafe keywords (left) and the playbook template to bypass validation (right).


This vulnerability allows the threat actor with a low-privileged user account to inject a malicious Jinja2 template in JumpServer’s Ansible that leads to the execution of arbitrary code within the ‘jms_celery’ container with root privileges. The malicious template, as seen in Figure 2 can be used to create a playbook job and then run the same to execute the desired command.

Figure 2: Malicious jinja2 template

Triggering the Vulnerability

Leveraging the vulnerabilities mentioned above requires the attacker to meet the following prerequisites:

  • The attacker must have network access to the target vulnerable system along with the low-privileged user account.
  • The attacker must have permission to access at least a single valid asset.
  • A playbook needs to be fabricated using any of the above templates from the ‘Job > Template > Playbook manage’ section.
  • A playbook job needs to be created from the ‘Job > Job list’ section, leveraging the playbook created in the previous step.
  • The created job needs to be run.


While steps to trigger the vulnerability look tricky, the exploitation is straightforward. Since the Celery container runs with the root privileges, it yields the threat actor database access and access to the sensitive information across all the managed assets, such as hosts, devices, database, cloud service, web and GPT. Additionally, considering the crucial functionality of the jump host, it can lead to the exposure and compromise of the private network. Achieving remote code execution by leveraging the discussed vulnerabilities is demonstrated in the video below.

SonicWall Protections

To ensure SonicWall customers are prepared for any exploitation that may occur due to this vulnerability, the following signatures have been released:

  • IPS: 19849 JumpServer Ansible Playbook Input Validation Bypass
  • IPS: 19850 JumpServer Ansible Playbook Jinja2 Template Injection

Remediation Recommendations

Considering the pivotal position of a bastion host on a network, JumpServer users are strongly encouraged to upgrade their instances to the latest version (v3.10.7). If one cannot upgrade immediately, then the feature ‘Operation Center’ can be disabled temporarily by visiting System Settings > Features > Task Center.

Relevant Links

Security News
The SonicWall Capture Labs Threat Research Team gathers, analyzes and vets cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 200 countries and territories. The research team identifies, analyzes, and mitigates critical vulnerabilities and malware daily through in-depth research, which drives protection for all SonicWall customers. In addition to safeguarding networks globally, the research team supports the larger threat intelligence community by releasing weekly deep technical analyses of the most critical threats to small businesses, providing critical knowledge that defenders need to protect their networks.