CVE-2024-4879 PoC — ServiceNow 安全漏洞

Source

https://github.com/Praison001/CVE-2024-4879-ServiceNow

Associated Vulnerability

Title:ServiceNow 安全漏洞 (CVE-2024-4879)
Description:ServiceNow是美国ServiceNow公司的一个云计算平台。以帮助公司管理企业运营的数字工作流程。 ServiceNow存在安全漏洞。攻击者利用该漏洞可以在 Now Platform 环境中远程执行代码。

Description

Exploit for CVE-2024-4879 affecting Vancouver, Washington DC Now and Utah Platform releases

Readme

# CVE-2024-4879-ServiceNow
**ServiceNow** is a platform for business transformation which helps companies manage digital workflows for enterprise operations.

**CVE-2024-4879** could allow an unauthenticated user to remotely execute code within the Now Platform. This vulnerability exploits three issues by chaining them together: Title Injection, Template Injection Mitigation Bypass, and Filesystem Filter Bypass, to access ServiceNow data.

The affected versions include Vancouver, Washington DC Now and Utah platform releases

**Usage:** python3 exploit.py -i < target_IP >

**Usage example:** python3 exploit.py -i 127.0.0.1

**Disclaimer: This exploit is to be used only for educational and authorized testing purposes. Illegal/unauthorized use of this exploit is prohibited. I am not responsible for any misuse or damage caused by this script.**

**References:** https://www.assetnote.io/resources/research/chaining-three-bugs-to-access-all-your-servicenow-data

File Snapshot


 [4.0K]  /data/pocs/7f7911c5f58c8a5a84e8339e936a54eee6d56642
├── [5.7K]  exploit.py
└── [ 969]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!