CVE-2000-0116

Checkpoint Firewall-1 - Cross-Site Scripting via Malformed Script Tag Bypass

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2000-0116. PoCs published by Arne Vidstrom.

AI-analyzed exploit summary This exploit demonstrates a bypass for Firewall-1's script tag filtering mechanism by using an extra opening angle bracket. It allows arbitrary JavaScript execution in the client's browser, potentially leading to remote compromise.

Description

Firewall-1 does not properly filter script tags, which allows remote attackers to bypass the "Strip Script Tags" restriction by including an extra < in front of the SCRIPT tag.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Arne Vidstrom · htmlremotemultiple

https://www.exploit-db.com/exploits/19732

View Code ZIP pw:eip

This exploit demonstrates a bypass for Firewall-1's script tag filtering mechanism by using an extra opening angle bracket. It allows arbitrary JavaScript execution in the client's browser, potentially leading to remote compromise.

Classification

Working Poc 90%

Attack Type

Xss

Complexity

Trivial

Reliability

Reliable

Target: Firewall-1 version 3

No auth needed

Prerequisites: A vulnerable Firewall-1 version 3 instance · Client browser that executes the malicious script

MITRE ATT&CK

T1059.007 - JavaScript

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/954

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://www.osvdb.org/1212

Scores

EPSS 0.0248

EPSS Percentile 82.5%

Details

Status published

Products (1)

checkpoint/firewall-1 3.0

Published Jan 29, 2000

Tracked Since Feb 18, 2026