CVE-2024-24919 PoC — Information disclosure

Source

https://github.com/seed1337/CVE-2024-24919-POC

Associated Vulnerability

Title:Information disclosure (CVE-2024-24919)
Description:Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is available.

Readme

# CVE-2024-24919-POC 

### Read about it - https://nvd.nist.gov/vuln/detail/CVE-2024-24919

### The vulnerability allows an unauthenticated remote attacker to read the contents of an arbitrary file located on the affected appliance.

#### Nuclei Template: https://github.com/johnk3r/nuclei-templates/blob/c226ece895c8e4e6aec22aff66f21e5b8b70e08e/http/cves/2024/CVE-2024-24919.yaml

#### Shodan Dork: title:"Check Point" || "Server: Check Point SVN" "X-UA-Compatible: IE=EmulateIE7"

#### Fofa Dork: app="Check_Point-SSL-Network-Extender"

### This POC is made for educational and ethical testing purposes only. Usage of this tool for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program.

File Snapshot


 [4.0K]  /data/pocs/469fc98a32f05b457bad64c78afb3dc0a897cb61
├── [4.6K]  exploit.py
└── [ 887]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!