Skip to content

skyrowalker/CVE-2024-24919

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
CVE-2024-24919.py
CVE-2024-24919.py
 
 
README.md
README.md
 
 
image-4.png
image-4.png
 
 
image-5.png
image-5.png
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

CVE-2024-24919

Description

CVE-2024-24919 is a critical information disclosure vulnerability affecting various Check Point security products, including Quantum Security Gateways and CloudGuard. It has a high CVSS score of 8.6 and allows unauthenticated attackers to read sensitive files from the affected devices, such as /etc/passwd, /etc/shadow, and configuration files related to network security and VPNs. This means attackers can potentially gain domain privileges and access sensitive information without user interaction or special privileges​

How It Works

The script allows the user to input an IP address and a port, then sends POST requests to a specific endpoint (/clients/MyCRL) for various configuration files (such as /etc/passwd, /etc/shadow, among others). The script indicates whether the request was successful or failed, marking successful responses with an 'O' and failed ones with an 'X'.

Installation

git clone https://https://github.com/skyrowalker/CVE-2024-24919.git
cd CVE-2024-24919
pip install -r requirements.txt
python3 CVE-2024-24919.py

Images

alt text alt text

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages