CVE-2024-4879
CRITICAL KEV NUCLEI
ServiceNow Vancouver and Washington DC - Unauthenticated Remote Code Execution
Title source: manual
Exploitation Summary
CVE-2024-4879 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added July 29, 2024. EIP tracks 10 public exploits from researchers including İbrahimsql, Brut-Security, and bigb0x. A Nuclei detection template is also available.
AI-analyzed exploit summary: This exploit targets CVE-2024-4879, an input validation vulnerability in ServiceNow Platform (Vancouver, Washington DC, Utah releases) allowing unauthenticated remote code execution via template injection. The PoC sends crafted payloads to extract sensitive information and confirm vulnerability.
Description
ServiceNow has addressed an input validation vulnerability that was identified in Vancouver and Washington DC Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform. ServiceNow applied an update to hosted instances, and ServiceNow released the update to our partners and self-hosted customers. Listed below are the patches and hot fixes that address the vulnerability. If you have not done so already, we recommend applying security patches relevant to your instance as soon as possible.
Exploits (10)
This exploit targets CVE-2024-4879, an input validation vulnerability in ServiceNow Platform (Vancouver, Washington DC, Utah releases) allowing unauthenticated remote code execution via template injection. The PoC sends crafted payloads to extract sensitive information and confirm vulnerability.
This repository provides Nuclei templates for detecting and exploiting CVE-2024-4879, a Jelly Template Injection vulnerability in ServiceNow. It includes templates for detection and database exploitation, but no direct exploit code is present.
This repository contains a bulk scanning tool for detecting CVE-2024-4879 in ServiceNow instances. The tool checks for the presence of a specific XSS vulnerability by injecting a Jelly template payload and verifying the response.
This repository provides Nuclei templates and Shodan dorks for scanning ServiceNow instances vulnerable to CVE-2024-4879 and CVE-2024-5217. It does not contain exploit code but aids in identifying potential targets.
This PoC exploits a Jelly template injection vulnerability in ServiceNow (CVE-2024-4879) to achieve remote code execution. It checks for vulnerability, extracts database configuration, and dumps user credentials via crafted Jelly XML payloads.
This Python script exploits a template injection vulnerability in ServiceNow (CVE-2024-4879) to check for the presence of the flaw and dump database connection details if vulnerable. It uses a crafted Jelly XML payload to trigger the vulnerability and extract sensitive configuration details.
The repository contains functional exploit code for CVE-2024-4879, including a YAML template for Nuclei and a README with detailed exploitation steps. The YAML file includes HTTP requests to exploit the vulnerability, and the README provides clear instructions for manual and automated exploitation.
This PoC exploits CVE-2024-4879 in ServiceNow by chaining title injection, template injection mitigation bypass, and filesystem filter bypass to achieve unauthenticated remote code execution and data exfiltration. It fetches database configuration and user credentials from vulnerable instances.
This PoC exploits a Jelly XML injection vulnerability in ServiceNow (CVE-2024-4879) to achieve unauthenticated remote code execution. It checks for vulnerability, dumps database configuration, and extracts user credentials via crafted payloads.
This PoC exploits a template injection vulnerability in ServiceNow to dump database connection details. It sends crafted requests to trigger the vulnerability and extract sensitive configuration data.
Nuclei Templates (1)
http.favicon.hash:"1701804003" || http.title:"servicenow"
icon_hash=1701804003 || title="servicenow"
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H