CVE-2024-24919 PoC — Check Point Security Gateways 安全漏洞

Source

https://github.com/Expl0itD0g/CVE-2024-24919---Poc

Associated Vulnerability

Title:Check Point Security Gateways 安全漏洞 (CVE-2024-24919)
Description:Check Point Security Gateways是以色列Check Point公司的一个人工智能驱动的 NGFW 安全网关。 Check Point Security Gateways 存在安全漏洞。攻击者利用该漏洞可以获取敏感信息。

Description

a Proof of Concept of CVE-2024-24919

Readme

# CVE-2024-24919 PoC
a Proof of Concept of CVE-2024-24919


Read about it - https://nvd.nist.gov/vuln/detail/CVE-2024-24919
The vulnerability allows an unauthenticated remote attacker to read the contents of an arbitrary file located on the affected appliance.
Description

Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades.

Nuclei Template: https://github.com/johnk3r/nuclei-templates/blob/c226ece895c8e4e6aec22aff66f21e5b8b70e08e/http/cves/2024/CVE-2024-24919.yaml

Shodan Dork foor check point: title:"Check Point" || "Server: Check Point SVN" "X-UA-Compatible: IE=EmulateIE7"


This POC is made for educational and ethical testing purposes only. Usage of this tool for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program.

File Snapshot


 [4.0K]  /data/pocs/8ea341aab52b6f7895373beb0e26c78cd6894b0a
└── [1.0K]  README.md

0 directories, 1 file

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!