{"vulnerability": "cve-2024-8504", "sightings": [{"uuid": "33dfa5bd-94a8-4a16-b133-64e9b2b93c71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8504", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:46.000000Z"}, {"uuid": "714be22f-8d17-41c9-906a-432ba99a99e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8504", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:11:06.000000Z"}, {"uuid": "be8a5c70-8f10-4124-ae06-8d11c28b9a29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8504", "type": "seen", "source": "https://bsky.app/profile/leakix.bsky.social/post/3m64stphv4w2u", "content": "", "creation_timestamp": "2025-11-21T08:00:07.144457Z"}, {"uuid": "f690acad-576a-4801-be4e-adabad94faeb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8504", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/vicidial_agent_authenticated_rce.rb", "content": "", "creation_timestamp": "2024-09-30T21:37:15.000000Z"}, {"uuid": "efaa391c-7cf6-4dad-8e85-11a0e516fcd4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8504", "type": "seen", "source": "https://t.me/HackerArsenal/369", "content": "CVE-2024-8504 \u0438 CVE-2024-8503\n*\nSQLi and RCE  - VICIdial\n*\nExploit", "creation_timestamp": "2024-09-15T17:46:38.000000Z"}, {"uuid": "63d6fe4b-35f9-4bff-8a60-508e4e5a234a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8504", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8527", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aVICIdial Unauthenticated SQLi to RCE Exploit (CVE-2024-8503 and CVE-2024-8504)\nURL\uff1ahttps://github.com/Chocapikk/CVE-2024-8504\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-09-14T06:31:55.000000Z"}, {"uuid": "4683c1ca-69ad-4d58-9a5a-d9a3a08add8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8504", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8572", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-8504\nURL\uff1ahttps://github.com/havokzero/ViciDial\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-09-22T20:19:27.000000Z"}, {"uuid": "23f5a526-ddd2-4615-aa99-5991aee774a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8504", "type": "seen", "source": "https://t.me/CyberBulletin/686", "content": "\u26a1\ufe0fExploit for CVE-2024-8504 & CVE-2024-8503: SQLi and RCE.\n\n#CyberBulletin", "creation_timestamp": "2024-09-15T15:58:03.000000Z"}, {"uuid": "d1baa4b5-5ae2-47d8-9959-8f5b8eaaa720", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8504", "type": "seen", "source": "https://t.me/CyberBulletin/654", "content": "\u26a1\ufe0fExploit for CVE-2024-8504 & CVE-2024-8503: SQLi and RCE.\n\n#CyberBulletin", "creation_timestamp": "2024-09-15T15:18:29.000000Z"}, {"uuid": "3cdfdc65-1376-4253-a321-888c8af6c3e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8504", "type": "seen", "source": "https://t.me/ton618cyber/3681", "content": "#exploit\n1. CVE-2024-8503,\nCVE-2024-8504:\nVICIdial unauth SQLi to RCE\nhttps://github.com/Chocapikk/CVE-2024-8504\n\n2. Exploiting Exchange PowerShell After ProxyNotShell\nPart 1: https://www.zerodayinitiative.com/blog/2024/9/4/exploiting-exchange-powershell-after-proxynotshell-part-1-multivaluedproperty\nPart 2: https://www.zerodayinitiative.com/blog/2024/9/11/exploiting-exchange-powershell-after-proxynotshell-part-2-approvedapplicationcollection", "creation_timestamp": "2024-09-16T05:41:06.000000Z"}, {"uuid": "f74d4543-0f63-4381-ba57-bbd62ebbdf35", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8504", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/13361", "content": "\u200aCritical Flaws Found in VICIdial Contact Center Suite: CVE-2024-8503 and CVE-2024-8504, PoC Published\n\nhttps://securityonline.info/critical-flaws-found-in-vicidial-contact-center-suite-cve-2024-8503-and-cve-2024-8504-poc-published/", "creation_timestamp": "2024-09-18T09:07:10.000000Z"}, {"uuid": "624f04eb-d74b-4a57-8d68-d3197dab1eff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8504", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:04.000000Z"}, {"uuid": "d8284458-49cc-4150-afec-ed99eefba651", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8504", "type": "seen", "source": "https://mastodon.social/users/leakix/statuses/115586629732624033", "content": "", "creation_timestamp": "2025-11-21T08:00:04.860508Z"}, {"uuid": "c4d211c7-7f83-460f-8709-d54e2157af97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8504", "type": "published-proof-of-concept", "source": "https://t.me/cKure/13608", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 \u2623\ufe0f Exploit for CVE-2024-8504 & CVE-2024-8503: SQLi and RCE.\n\nhttps://darkwebinformer.com/exploit-for-cve-2024-8504-cve-2024-8503-sqli-and-rce/", "creation_timestamp": "2024-09-15T21:38:10.000000Z"}, {"uuid": "957c17b1-d397-4854-8a4a-bfec5b93015e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8504", "type": "published-proof-of-concept", "source": "https://t.me/TheDarkWebInformer/3625", "content": "\ud83d\udea8Exploit for CVE-2024-8504 & CVE-2024-8503: SQLi and RCE\n\nhttps://darkwebinformer.com/exploit-for-cve-2024-8504-cve-2024-8503-sqli-and-rce/", "creation_timestamp": "2024-09-15T23:24:35.000000Z"}, {"uuid": "75c7b486-919d-496f-b010-b80dd62eac61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8504", "type": "seen", "source": "https://t.me/ton618cyber/796", "content": "#exploit\n1. CVE-2024-8503,\nCVE-2024-8504:\nVICIdial unauth SQLi to RCE\nhttps://github.com/Chocapikk/CVE-2024-8504\n\n2. Exploiting Exchange PowerShell After ProxyNotShell\nPart 1: https://www.zerodayinitiative.com/blog/2024/9/4/exploiting-exchange-powershell-after-proxynotshell-part-1-multivaluedproperty\nPart 2: https://www.zerodayinitiative.com/blog/2024/9/11/exploiting-exchange-powershell-after-proxynotshell-part-2-approvedapplicationcollection", "creation_timestamp": "2024-09-16T05:41:06.000000Z"}, {"uuid": "bc4ff189-bf49-4b66-8760-cea90aec1d90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8504", "type": "published-proof-of-concept", "source": "https://t.me/xatori_sec/160", "content": "https://github.com/Chocapikk/CVE-2024-8504", "creation_timestamp": "2024-09-15T09:25:24.000000Z"}, {"uuid": "12277277-0f27-40a0-9265-0617b7dc67bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8504", "type": "published-proof-of-concept", "source": "https://t.me/realLulzSec/1990", "content": "https://github.com/Chocapikk/CVE-2024-8504\n\nExploit for CVE-2024-8504 & CVE-2024-8503: SQLi and RCE\n#github #exploit", "creation_timestamp": "2024-09-15T11:00:14.000000Z"}, {"uuid": "d6e3b9be-3fac-4bd8-ad93-dce131bc2810", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8504", "type": "published-proof-of-concept", "source": "https://t.me/realLulzSec/18698", "content": "https://github.com/Chocapikk/CVE-2024-8504\n\nExploit for CVE-2024-8504 & CVE-2024-8503: SQLi and RCE\n#github #exploit", "creation_timestamp": "2024-09-15T11:00:14.000000Z"}, {"uuid": "6059df34-5c9f-48a0-ac8d-58638268741e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8504", "type": "seen", "source": "https://t.me/CyberBulletin/25524", "content": "\u26a1\ufe0fExploit for CVE-2024-8504 & CVE-2024-8503: SQLi and RCE.\n\n#CyberBulletin", "creation_timestamp": "2024-09-21T03:00:30.000000Z"}, {"uuid": "39fec0a6-288a-40dd-b6d7-6121793751c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8504", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/3178", "content": "https://github.com/Chocapikk/CVE-2024-8504\n\nExploit for CVE-2024-8504 & CVE-2024-8503: SQLi and RCE\n#github #exploit", "creation_timestamp": "2024-09-15T10:34:19.000000Z"}, {"uuid": "cf005046-f801-4608-b911-94b4f61fc1db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8504", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/11140", "content": "#exploit\n1. CVE-2024-8503,\nCVE-2024-8504:\nVICIdial unauth SQLi to RCE\nhttps://github.com/Chocapikk/CVE-2024-8504\n\n2. Exploiting Exchange PowerShell After ProxyNotShell\nPart 1: https://www.zerodayinitiative.com/blog/2024/9/4/exploiting-exchange-powershell-after-proxynotshell-part-1-multivaluedproperty\nPart 2: https://www.zerodayinitiative.com/blog/2024/9/11/exploiting-exchange-powershell-after-proxynotshell-part-2-approvedapplicationcollection", "creation_timestamp": "2024-09-16T10:55:46.000000Z"}, {"uuid": "8cf00c73-ea08-41ab-a690-050e646f22a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8504", "type": "seen", "source": "https://t.me/Rootsec_2/4447", "content": "#exploit\n1. CVE-2024-8503,\nCVE-2024-8504:\nVICIdial unauth SQLi to RCE\nhttps://github.com/Chocapikk/CVE-2024-8504\n\n2. Exploiting Exchange PowerShell After ProxyNotShell\nPart 1: https://www.zerodayinitiative.com/blog/2024/9/4/exploiting-exchange-powershell-after-proxynotshell-part-1-multivaluedproperty\nPart 2: https://www.zerodayinitiative.com/blog/2024/9/11/exploiting-exchange-powershell-after-proxynotshell-part-2-approvedapplicationcollection", "creation_timestamp": "2024-09-18T04:12:48.000000Z"}, {"uuid": "b3d4fef3-c9db-4b7c-b529-4869d70447fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8504", "type": "seen", "source": "https://t.me/z3xploit/348", "content": "Exploit for CVE-2024-8504 & CVE-2024-8503: SQLi and RCE \u26a1\ufe0f\n\nGithub\n\nReadhere\n\n#cve #exploit #sqli #rce\n\nJoin Z3XPLOIT \ud83d\udc8e", "creation_timestamp": "2024-09-21T12:50:59.000000Z"}, {"uuid": "46f8c5f3-5b2f-4f39-ac6f-18eb5ce0a702", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8504", "type": "published-proof-of-concept", "source": "Telegram/TohYDeIuVZAPrMW-eMaPaRDc6ooYv7pvZtWGGCpbn-z3FQ", "content": "", "creation_timestamp": "2024-09-15T11:00:18.000000Z"}, {"uuid": "eb8c392b-8ed7-415a-8f84-378d622a7a0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8504", "type": "seen", "source": "https://t.me/cvedetector/5298", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-8504 - VICIdial Root Shell Command Execution\", \n  \"Content\": \"CVE ID : CVE-2024-8504 \nPublished : Sept. 10, 2024, 8:15 p.m. | 15\u00a0minutes ago \nDescription : An attacker with authenticated access to VICIdial as an \"agent\" can execute arbitrary shell commands as the \"root\" user. This attack can be chained with CVE-2024-8503 to execute arbitrary shell commands starting from an unauthenticated perspective. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-10T22:37:05.000000Z"}, {"uuid": "7121355a-0e29-4a56-a80f-c4a502dd824e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8504", "type": "published-proof-of-concept", "source": "https://t.me/ExploitQuest/27", "content": "\u26a1\ufe0f Exploit for CVE-2024-8504 & CVE-2024-8503: SQLi and RCE \u26a1\ufe0f\n\n\n\nhttps://github.com/Chocapikk/CVE-2024-8504/blob/main/", "creation_timestamp": "2024-09-15T10:16:32.000000Z"}, {"uuid": "bc5117f5-e5d4-47fd-8e85-29ee968c7a8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8504", "type": "published-proof-of-concept", "source": "https://t.me/Cyberwise_tools/100", "content": "VICIdial Unauthenticated SQLi to RCE Exploit (CVE-2024-8503 and CVE-2024-8504) \ud83d\udea8\nExploit :  \u2b07\ufe0f\u2b07\ufe0f\u2b07\ufe0f\nhttps://github.com/Chocapikk/CVE-2024-8504/", "creation_timestamp": "2024-09-18T03:29:21.000000Z"}, {"uuid": "8940cdf5-7ff0-4575-b20a-0b9797cfad70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8504", "type": "seen", "source": "https://t.me/CyberDilara/886", "content": "\u26a1\ufe0fExploit for CVE-2024-8504 & CVE-2024-8503: SQLi and RCE.\n\n#CyberBulletin", "creation_timestamp": "2024-09-15T15:18:34.000000Z"}, {"uuid": "072871f7-ae81-417a-8023-f2a1f066ff60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8504", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/890", "content": "Exploit for #SQLi and #RCE in #VICIdial.\n\nThe exploit can be found here: \n\nhttps://github.com/Chocapikk/CVE-2024-8504\n\n#CyberDilara", "creation_timestamp": "2024-09-16T08:44:23.000000Z"}, {"uuid": "a7a4160b-ffee-4f33-9624-2c3590fd1778", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8504", "type": "published-proof-of-concept", "source": "https://t.me/InfoSecInsider/23796", "content": "Exploit for #SQLi and #RCE in #VICIdial.\n\nThe exploit can be found here: \n\nhttps://github.com/Chocapikk/CVE-2024-8504\n\n#CyberDilara", "creation_timestamp": "2024-09-16T08:46:44.000000Z"}, {"uuid": "e50f0247-07da-473a-b994-8a92d998e99d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8504", "type": "seen", "source": "https://t.me/proxy_bar/2264", "content": "CVE-2024-8504 \u0438 CVE-2024-8503\n*\nSQLi and RCE  - VICIdial\n*\nExploit", "creation_timestamp": "2024-09-15T08:46:36.000000Z"}, {"uuid": "dd9ac1e2-e6ae-4ba9-9c3f-1aa1bd670ca2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8504", "type": "published-proof-of-concept", "source": "https://t.me/Root_Exploit/728", "content": "Exploit for CVE-2024-8504 & CVE-2024-8503: SQLi and RCE \u26a1\ufe0f\n\nGithub\n\nReadhere\n\n#cve #exploit #sqli #rce\n\nJoin RootExploit \ud83d\udc8e", "creation_timestamp": "2024-09-16T09:11:51.000000Z"}, {"uuid": "b4c79660-f33b-4fa0-9a28-9093dd8eb9c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8504", "type": "published-proof-of-concept", "source": "https://t.me/InfoSecInsider/304", "content": "Exploit for #SQLi and #RCE in #VICIdial.\n\nThe exploit can be found here: \n\nhttps://github.com/Chocapikk/CVE-2024-8504\n\n#CyberDilara", "creation_timestamp": "2024-09-16T08:46:45.000000Z"}]}