支持本站 — 捐款将帮助我们持续运营

目标:1000 元,已筹:752

75.2%
立即捐款
一、 漏洞 CVE-2024-24919 基础信息
漏洞信息
                                        # 信息泄露

# 漏洞描述

## 概述
攻击者可能通过该漏洞读取某些信息,前提是攻击者已连接到互联网,并且启用了远程访问VPN或移动访问软件刀片的Check Point安全网关。

## 影响版本
未提供具体影响版本信息。

## 细节
该漏洞允许攻击者读取Check Point安全网关上的某些信息,前提是安全网关已连接到互联网,并且启用了远程访问VPN或移动访问软件刀片。

## 影响
攻击者可能利用此漏洞读取敏感信息,导致数据泄露。目前已有安全修复补丁可用。
神龙判断

是否为 Web 类漏洞:

判断理由:

是。这个漏洞存在于Check Point Security Gateways中,当设备连接到互联网并启用了远程访问VPN或移动访问软件刀片时,可能允许攻击者读取某些信息。这是一个服务端的漏洞,因为漏洞的存在和利用都依赖于服务器端的配置和状态。
提示
尽管我们采用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。
神龙会尽力确保数据准确,但也请结合实际情况进行甄别与判断。
神龙祝您一切顺利!
漏洞标题
Information disclosure
来源:美国国家漏洞数据库 NVD
漏洞描述信息
Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is available.
来源:美国国家漏洞数据库 NVD
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
来源:美国国家漏洞数据库 NVD
漏洞类别
信息暴露
来源:美国国家漏洞数据库 NVD
漏洞标题
Check Point Security Gateways 安全漏洞
来源:中国国家信息安全漏洞库 CNNVD
漏洞描述信息
Check Point Security Gateways是以色列Check Point公司的一个人工智能驱动的 NGFW 安全网关。 Check Point Security Gateways 存在安全漏洞。攻击者利用该漏洞可以获取敏感信息。
来源:中国国家信息安全漏洞库 CNNVD
CVSS信息
N/A
来源:中国国家信息安全漏洞库 CNNVD
漏洞类别
其他
来源:中国国家信息安全漏洞库 CNNVD
二、漏洞 CVE-2024-24919 的公开POC
#POC 描述源链接神龙链接
1Nuclei Template to discover CVE-2024-24919. A path traversal vulnerability in CheckPoint SSLVPN.https://github.com/c3rrberu5/CVE-2024-24919POC详情
2POC exploit for CVE-2024-24919 information leakage https://github.com/emanueldosreis/CVE-2024-24919POC详情
3Nonehttps://github.com/hendprw/CVE-2024-24919POC详情
4CVE-2024-24919 Exploit PoChttps://github.com/LucasKatashi/CVE-2024-24919POC详情
5Nonehttps://github.com/eoslvs/CVE-2024-24919POC详情
6Quick and simple script that takes as input a file with multiple URLs to check for the CVE-2024-24919 vulnerability in CHECKPOINThttps://github.com/Bytenull00/CVE-2024-24919POC详情
7Nonehttps://github.com/am-eid/CVE-2024-24919POC详情
8Nonehttps://github.com/pewc0/CVE-2024-24919POC详情
9Simple POC Python script that check & leverage Check Point CVE-2024-24919 vulnerability (Wrong Check Point)https://github.com/zam89/CVE-2024-24919POC详情
10A simple bash and python script to check for the vulnerability CVE-2024-24919https://github.com/satriarizka/CVE-2024-24919POC详情
11CLI based PoC for CVE-2024-24919https://github.com/3UR/CVE-2024-24919POC详情
12An Vulnerability detection and Exploitation tool for CVE-2024-24919https://github.com/RevoltSecurities/CVE-2024-24919POC详情
13Nonehttps://github.com/Vulnpire/CVE-2024-24919POC详情
14Nonehttps://github.com/seed1337/CVE-2024-24919-POCPOC详情
15Nonehttps://github.com/0x3f3c/CVE-2024-24919POC详情
16Nonehttps://github.com/Praison001/CVE-2024-24919-Check-Point-Remote-Access-VPNPOC详情
17Nuclei template for CVE-2024-24919 https://github.com/smackerdodi/CVE-2024-24919-nuclei-templaterPOC详情
18CVE-2024-24919 exploithttps://github.com/GoatSecurity/CVE-2024-24919POC详情
19Exploit tool to validate CVE-2024-24919 vulnerability on Checkpoint Firewall VPNshttps://github.com/GlobalsecureAcademy/CVE-2024-24919POC详情
20Nonehttps://github.com/nexblade12/CVE-2024-24919POC详情
21This repository contains a proof-of-concept (PoC) exploit for CVE-2024-24919, a critical vulnerability discovered in Check Point SVN. The vulnerability allows for reading system files. CVE ID: CVE-2024-24919https://github.com/un9nplayer/CVE-2024-24919POC详情
22Nonehttps://github.com/MohamedWagdy7/CVE-2024-24919POC详情
23Check Point Security Gateway (LFI)https://github.com/Cappricio-Securities/CVE-2024-24919POC详情
24Nonehttps://github.com/fernandobortotti/CVE-2024-24919POC详情
25Nonehttps://github.com/nicolvsrlr27/CVE-2024-24919POC详情
26Nonehttps://github.com/gurudattch/CVE-2024-24919POC详情
27Mass scanner for CVE-2024-24919https://github.com/YN1337/CVE-2024-24919POC详情
28CVE-2024-24919 [Check Point Security Gateway Information Disclosure]https://github.com/ifconfig-me/CVE-2024-24919-Bulk-ScannerPOC详情
29Esta herramienta se utiliza para validar la vulnerabilidad CVE-2024-24919 en las VPN de Checkpoint Firewallhttps://github.com/r4p3c4/CVE-2024-24919-Checkpoint-Firewall-VPN-CheckPOC详情
30Herramienta de explotación para explotar la vulnerabilidad CVE-2024-24919 en las VPN de Checkpoint Firewallhttps://github.com/r4p3c4/CVE-2024-24919-Exploit-PoC-Checkpoint-Firewall-VPNPOC详情
31Nonehttps://github.com/J4F9S5D2Q7/CVE-2024-24919POC详情
32Nonehttps://github.com/mr-kasim-mehar/CVE-2024-24919-ExploitPOC详情
33Nonehttps://github.com/B1naryo/CVE-2024-24919-POCPOC详情
34a Proof of Concept of CVE-2024-24919https://github.com/Expl0itD0g/CVE-2024-24919---PocPOC详情
35CVE-2024-24919 Sniper - A powerful tool for scanning Check Point Security Gateway CVE-2024-24919 vulnerability. Supports single & bulk scanning, multithreading, and generates detailed CSV reports. Ideal for penetration testers and security researchers.https://github.com/bigb0x/CVE-2024-24919-SniperPOC详情
36Nonehttps://github.com/birdlex/cve-2024-24919-checkerPOC详情
37 CVE-2024-24919 Exploit and PoC - Critical LFI for Remote Access VPN or Mobile Access.https://github.com/Rug4lo/CVE-2024-24919-ExploitPOC详情
38Nonehttps://github.com/0nin0hanz0/CVE-2024-24919-PoCPOC详情
39Nmap script to check vulnerability CVE-2024-24919https://github.com/GuayoyoCyber/CVE-2024-24919POC详情
40Nonehttps://github.com/0xans/CVE-2024-24919POC详情
41Nonehttps://github.com/Tim-Hoekstra/CVE-2024-24919POC详情
42A Simple Exploit Code(POC) to Automate CVE-2024–24919https://github.com/starlox0/CVE-2024-24919-POCPOC详情
43CVE-2024-24919 exploit that checks more files for better visibilityhttps://github.com/nullcult/CVE-2024-24919-ExploitPOC详情
44Nonehttps://github.com/satchhacker/cve-2024-24919POC详情
45Nonehttps://github.com/P3wc0/CVE-2024-24919POC详情
46Nonehttps://github.com/J4F9S5D2Q7/CVE-2024-24919-CHECKPOINTPOC详情
47POC - CVE-2024–24919 - Check Point Security Gatewayshttps://github.com/verylazytech/CVE-2024-24919POC详情
48Python script to automate the process of finding vulnerable sites for CVE-2024-24919.https://github.com/protonnegativo/CVE-2024-24919POC详情
49Nonehttps://github.com/SalehLardhi/CVE-2024-24919POC详情
50Nonehttps://github.com/ShadowByte1/CVE-2024-24919POC详情
51Hello everyone, I am sharing a modified script from CVE-2024-24919 which can extract paths categorized as critical.https://github.com/H3KEY/CVE-2024-24919POC详情
52Nonehttps://github.com/Jutrm/cve-2024-24919POC详情
53Nonehttps://github.com/smkxt1/CVE-2024-24919POC详情
54Nonehttps://github.com/yagyuufellinluvv/CVE-2024-24919POC详情
55Nonehttps://github.com/LuisMateo1/Arbitrary-File-Read-CVE-2024-24919POC详情
56🔍 Just wrapped up an incident report on a Phishing Alert (Event ID 257, SOC282). Enhancing my expertise in email threat detection and response! 🚨 #Cybersecurity #SOCAnalyst #LetsDefendhttps://github.com/AhmedMansour93/Event-ID-263-Rule-Name-SOC287---Arbitrary-File-Read-on-Checkpoint-Security-Gateway-CVE-2024-24919-POC详情
57Nonehttps://github.com/0xYumeko/CVE-2024-24919POC详情
58PoC script for CVE-2024-24919 vulnerability. It scans a list of target URLs to identify security issues by sending HTTP POST requests and analyzing server responseshttps://github.com/geniuszlyy/CVE-2024-24919POC详情
59Nonehttps://github.com/skyrowalker/CVE-2024-24919POC详情
60Nonehttps://github.com/0xkalawy/CVE-2024-24919POC详情
61It's Proof of Concept on CVE-2024-24919-POC , i made it after it's discoverd https://github.com/sar-3mar/CVE-2024-24919_POCPOC详情
62Check-Point安全网关任意文件读取漏洞(CVE-2024-24919)https://github.com/NingXin2002/Check-Point_pocPOC详情
63PoC script for CVE-2024-24919 vulnerability. It scans a list of target URLs to identify security issues by sending HTTP POST requests and analyzing server responseshttps://github.com/geniuszly/CVE-2024-24919POC详情
64CVE-2024-24919 exploit that checks more files for better visibilityhttps://github.com/ronniensale/CVE-2024-24919-ExploitPOC详情
65SOC287 - Arbitrary File Read on Checkpoint Security Gateway [CVE-2024-24919]https://github.com/drake044/SOC_287POC详情
66SOC287 - Arbitrary File Read on Checkpoint Security Gateway [CVE-2024-24919]https://github.com/hashdr1ft/SOC_287POC详情
67Nonehttps://github.com/funixone/CVE-2024-24919---Exploit-ScriptPOC详情
68Nonehttps://github.com/spider00009/CVE-2024-24919-POCPOC详情
69Nonehttps://github.com/0xlf/CVE-2024-24919POC详情
70Nonehttps://github.com/ejaboz/cve-2024-24919POC详情
71Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is available. https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2024/CVE-2024-24919.yamlPOC详情
72Nonehttps://github.com/zxcod3/CVE-2024-24919POC详情
73Nonehttps://github.com/CyprianAtsyor/CVE-2024-24919-Incident-Report.mdPOC详情
74Nonehttps://github.com/CyberBibs/Event-ID-263-Arbitrary-File-Read-on-Checkpoint-Security-Gateway-CVE-2024-24919-POC详情
75Nonehttps://github.com/MacUchegit/Detecting-and-Analyzing-CVE-2024-24919-ExploitationPOC详情
76Nonehttps://github.com/SpiX-7/CVE-2024-24919-POCPOC详情
77Nonehttps://github.com/0zerobyte/CVE-2024-24919POC详情
78Nonehttps://github.com/voidbroker/CVE-2024-24919POC详情
三、漏洞 CVE-2024-24919 的情报信息
四、漏洞 CVE-2024-24919 的评论

暂无评论

发表评论