Information disclosure 漏洞信息(CVE-2024-24919)

一、漏洞 CVE-2024-24919 基础信息

漏洞信息

                                        # 信息泄露

# 漏洞描述

## 概述
攻击者可能通过该漏洞读取某些信息，前提是攻击者已连接到互联网，并且启用了远程访问VPN或移动访问软件刀片的Check Point安全网关。

## 影响版本
未提供具体影响版本信息。

## 细节
该漏洞允许攻击者读取Check Point安全网关上的某些信息，前提是安全网关已连接到互联网，并且启用了远程访问VPN或移动访问软件刀片。

## 影响
攻击者可能利用此漏洞读取敏感信息，导致数据泄露。目前已有安全修复补丁可用。

提示

尽管我们采用了先进的大模型技术，但其输出仍可能包含不准确或过时的信息。
神龙会尽力确保数据准确，但也请结合实际情况进行甄别与判断。
神龙祝您一切顺利！

漏洞标题

Information disclosure

来源：美国国家漏洞数据库 NVD

漏洞描述信息

Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is available.

来源：美国国家漏洞数据库 NVD

CVSS信息

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

来源：美国国家漏洞数据库 NVD

漏洞类别

信息暴露

来源：美国国家漏洞数据库 NVD

漏洞标题

Check Point Security Gateways 安全漏洞

来源：中国国家信息安全漏洞库 CNNVD

漏洞描述信息

Check Point Security Gateways是以色列Check Point公司的一个人工智能驱动的 NGFW 安全网关。 Check Point Security Gateways 存在安全漏洞。攻击者利用该漏洞可以获取敏感信息。

来源：中国国家信息安全漏洞库 CNNVD

CVSS信息

N/A

来源：中国国家信息安全漏洞库 CNNVD

漏洞类别

其他

来源：中国国家信息安全漏洞库 CNNVD

二、漏洞 CVE-2024-24919 的公开POC

#	POC 描述	源链接	神龙链接
1	Nuclei Template to discover CVE-2024-24919. A path traversal vulnerability in CheckPoint SSLVPN.	https://github.com/c3rrberu5/CVE-2024-24919	POC详情
2	POC exploit for CVE-2024-24919 information leakage	https://github.com/emanueldosreis/CVE-2024-24919	POC详情
3	None	https://github.com/hendprw/CVE-2024-24919	POC详情
4	CVE-2024-24919 Exploit PoC	https://github.com/LucasKatashi/CVE-2024-24919	POC详情
5	None	https://github.com/eoslvs/CVE-2024-24919	POC详情
6	Quick and simple script that takes as input a file with multiple URLs to check for the CVE-2024-24919 vulnerability in CHECKPOINT	https://github.com/Bytenull00/CVE-2024-24919	POC详情
7	None	https://github.com/am-eid/CVE-2024-24919	POC详情
8	None	https://github.com/pewc0/CVE-2024-24919	POC详情
9	Simple POC Python script that check & leverage Check Point CVE-2024-24919 vulnerability (Wrong Check Point)	https://github.com/zam89/CVE-2024-24919	POC详情
10	A simple bash and python script to check for the vulnerability CVE-2024-24919	https://github.com/satriarizka/CVE-2024-24919	POC详情
11	CLI based PoC for CVE-2024-24919	https://github.com/3UR/CVE-2024-24919	POC详情
12	An Vulnerability detection and Exploitation tool for CVE-2024-24919	https://github.com/RevoltSecurities/CVE-2024-24919	POC详情
13	None	https://github.com/Vulnpire/CVE-2024-24919	POC详情
14	None	https://github.com/seed1337/CVE-2024-24919-POC	POC详情
15	None	https://github.com/0x3f3c/CVE-2024-24919	POC详情
16	None	https://github.com/Praison001/CVE-2024-24919-Check-Point-Remote-Access-VPN	POC详情
17	Nuclei template for CVE-2024-24919	https://github.com/smackerdodi/CVE-2024-24919-nuclei-templater	POC详情
18	CVE-2024-24919 exploit	https://github.com/GoatSecurity/CVE-2024-24919	POC详情
19	Exploit tool to validate CVE-2024-24919 vulnerability on Checkpoint Firewall VPNs	https://github.com/GlobalsecureAcademy/CVE-2024-24919	POC详情
20	None	https://github.com/nexblade12/CVE-2024-24919	POC详情
21	This repository contains a proof-of-concept (PoC) exploit for CVE-2024-24919, a critical vulnerability discovered in Check Point SVN. The vulnerability allows for reading system files. CVE ID: CVE-2024-24919	https://github.com/un9nplayer/CVE-2024-24919	POC详情
22	None	https://github.com/MohamedWagdy7/CVE-2024-24919	POC详情
23	Check Point Security Gateway (LFI)	https://github.com/Cappricio-Securities/CVE-2024-24919	POC详情
24	None	https://github.com/fernandobortotti/CVE-2024-24919	POC详情
25	None	https://github.com/nicolvsrlr27/CVE-2024-24919	POC详情
26	None	https://github.com/gurudattch/CVE-2024-24919	POC详情
27	Mass scanner for CVE-2024-24919	https://github.com/YN1337/CVE-2024-24919	POC详情
28	CVE-2024-24919 [Check Point Security Gateway Information Disclosure]	https://github.com/ifconfig-me/CVE-2024-24919-Bulk-Scanner	POC详情
29	Esta herramienta se utiliza para validar la vulnerabilidad CVE-2024-24919 en las VPN de Checkpoint Firewall	https://github.com/r4p3c4/CVE-2024-24919-Checkpoint-Firewall-VPN-Check	POC详情
30	Herramienta de explotación para explotar la vulnerabilidad CVE-2024-24919 en las VPN de Checkpoint Firewall	https://github.com/r4p3c4/CVE-2024-24919-Exploit-PoC-Checkpoint-Firewall-VPN	POC详情
31	None	https://github.com/J4F9S5D2Q7/CVE-2024-24919	POC详情
32	None	https://github.com/mr-kasim-mehar/CVE-2024-24919-Exploit	POC详情
33	None	https://github.com/B1naryo/CVE-2024-24919-POC	POC详情
34	a Proof of Concept of CVE-2024-24919	https://github.com/Expl0itD0g/CVE-2024-24919---Poc	POC详情
35	CVE-2024-24919 Sniper - A powerful tool for scanning Check Point Security Gateway CVE-2024-24919 vulnerability. Supports single & bulk scanning, multithreading, and generates detailed CSV reports. Ideal for penetration testers and security researchers.	https://github.com/bigb0x/CVE-2024-24919-Sniper	POC详情
36	None	https://github.com/birdlex/cve-2024-24919-checker	POC详情
37	CVE-2024-24919 Exploit and PoC - Critical LFI for Remote Access VPN or Mobile Access.	https://github.com/Rug4lo/CVE-2024-24919-Exploit	POC详情
38	None	https://github.com/0nin0hanz0/CVE-2024-24919-PoC	POC详情
39	Nmap script to check vulnerability CVE-2024-24919	https://github.com/GuayoyoCyber/CVE-2024-24919	POC详情
40	None	https://github.com/0xans/CVE-2024-24919	POC详情
41	None	https://github.com/Tim-Hoekstra/CVE-2024-24919	POC详情
42	A Simple Exploit Code(POC) to Automate CVE-2024–24919	https://github.com/starlox0/CVE-2024-24919-POC	POC详情
43	CVE-2024-24919 exploit that checks more files for better visibility	https://github.com/nullcult/CVE-2024-24919-Exploit	POC详情
44	None	https://github.com/satchhacker/cve-2024-24919	POC详情
45	None	https://github.com/P3wc0/CVE-2024-24919	POC详情
46	None	https://github.com/J4F9S5D2Q7/CVE-2024-24919-CHECKPOINT	POC详情
47	POC - CVE-2024–24919 - Check Point Security Gateways	https://github.com/verylazytech/CVE-2024-24919	POC详情
48	Python script to automate the process of finding vulnerable sites for CVE-2024-24919.	https://github.com/protonnegativo/CVE-2024-24919	POC详情
49	None	https://github.com/SalehLardhi/CVE-2024-24919	POC详情
50	None	https://github.com/ShadowByte1/CVE-2024-24919	POC详情
51	Hello everyone, I am sharing a modified script from CVE-2024-24919 which can extract paths categorized as critical.	https://github.com/H3KEY/CVE-2024-24919	POC详情
52	None	https://github.com/Jutrm/cve-2024-24919	POC详情
53	None	https://github.com/smkxt1/CVE-2024-24919	POC详情
54	None	https://github.com/yagyuufellinluvv/CVE-2024-24919	POC详情
55	None	https://github.com/LuisMateo1/Arbitrary-File-Read-CVE-2024-24919	POC详情
56	🔍 Just wrapped up an incident report on a Phishing Alert (Event ID 257, SOC282). Enhancing my expertise in email threat detection and response! 🚨 #Cybersecurity #SOCAnalyst #LetsDefend	https://github.com/AhmedMansour93/Event-ID-263-Rule-Name-SOC287---Arbitrary-File-Read-on-Checkpoint-Security-Gateway-CVE-2024-24919-	POC详情
57	None	https://github.com/0xYumeko/CVE-2024-24919	POC详情
58	PoC script for CVE-2024-24919 vulnerability. It scans a list of target URLs to identify security issues by sending HTTP POST requests and analyzing server responses	https://github.com/geniuszlyy/CVE-2024-24919	POC详情
59	None	https://github.com/skyrowalker/CVE-2024-24919	POC详情
60	None	https://github.com/0xkalawy/CVE-2024-24919	POC详情
61	It's Proof of Concept on CVE-2024-24919-POC , i made it after it's discoverd	https://github.com/sar-3mar/CVE-2024-24919_POC	POC详情
62	Check-Point安全网关任意文件读取漏洞(CVE-2024-24919)	https://github.com/NingXin2002/Check-Point_poc	POC详情
63	PoC script for CVE-2024-24919 vulnerability. It scans a list of target URLs to identify security issues by sending HTTP POST requests and analyzing server responses	https://github.com/geniuszly/CVE-2024-24919	POC详情
64	CVE-2024-24919 exploit that checks more files for better visibility	https://github.com/ronniensale/CVE-2024-24919-Exploit	POC详情
65	SOC287 - Arbitrary File Read on Checkpoint Security Gateway [CVE-2024-24919]	https://github.com/drake044/SOC_287	POC详情
66	SOC287 - Arbitrary File Read on Checkpoint Security Gateway [CVE-2024-24919]	https://github.com/hashdr1ft/SOC_287	POC详情
67	None	https://github.com/funixone/CVE-2024-24919---Exploit-Script	POC详情
68	None	https://github.com/spider00009/CVE-2024-24919-POC	POC详情
69	None	https://github.com/0xlf/CVE-2024-24919	POC详情
70	None	https://github.com/ejaboz/cve-2024-24919	POC详情
71	Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is available.	https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2024/CVE-2024-24919.yaml	POC详情
72	None	https://github.com/zxcod3/CVE-2024-24919	POC详情
73	None	https://github.com/CyprianAtsyor/CVE-2024-24919-Incident-Report.md	POC详情
74	None	https://github.com/CyberBibs/Event-ID-263-Arbitrary-File-Read-on-Checkpoint-Security-Gateway-CVE-2024-24919-	POC详情
75	None	https://github.com/MacUchegit/Detecting-and-Analyzing-CVE-2024-24919-Exploitation	POC详情

三、漏洞 CVE-2024-24919 的情报信息

四、漏洞 CVE-2024-24919 的评论

暂无评论

一、 漏洞 CVE-2024-24919 基础信息

漏洞信息

提示

漏洞标题

漏洞描述信息

CVSS信息

漏洞类别

漏洞标题

漏洞描述信息

CVSS信息

漏洞类别

二、漏洞 CVE-2024-24919 的公开POC

三、漏洞 CVE-2024-24919 的情报信息

四、漏洞 CVE-2024-24919 的评论

发表评论

一、漏洞 CVE-2024-24919 基础信息