CVE-2024-24919 PoC — Information disclosure

Associated Vulnerability
Title: Information disclosure (CVE-2024-24919)
Description: Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is available.
Description
Mass scanner for CVE-2024-24919
Readme
Mass Auto Scanner for CVE-2024-24919
This script is designed to scan a list of URLs for the CVE-2024-24919 vulnerability on remote Check Point firewalls. It attempts to exploit the vulnerability by sending a malicious POST request to extract specified files from the target servers.

--------------------------------------------------------------------------------
Running the Script
1. Save the provided script to a Python file, for example, mass_auto_scanner.py.
2. Open a terminal or command prompt.
3. Navigate to the directory where you saved mass_auto_scanner.py and the urls.txt file.
4. Run the script using the following command:
--------------------------------------------------------------------------------

python scanner.py -l urls.txt -f /etc/passwd -o results.txt

--------------------------------------------------------------------------------
Ethical Considerations
Warning: This script is intended for ethical hacking and penetration testing purposes only. Unauthorized scanning of systems is illegal and unethical. Use this script only on systems you have explicit permission to test. Responsible disclosure to affected vendors is crucial to allow them to patch any discovered vulnerabilities.