CVE-2001-1303

Check Point Firewall-1 - Unauthenticated Sensitive Information Exposure

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2001-1303. PoCs published by Haroon Meer & Roelof Temmingh.

AI-analyzed exploit summary This Perl script exploits an information disclosure vulnerability in Check Point Firewall-1's SecureRemote VPN by sending a crafted packet to retrieve network topology data without authentication. It targets ports 256 or 264 and parses the response to extract sensitive information.

Description

The default configuration of SecuRemote for Check Point Firewall-1 allows remote attackers to obtain sensitive configuration information for the protected network without authentication.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Haroon Meer & Roelof Temmingh · perlremotehardware
https://www.exploit-db.com/exploits/21015

This Perl script exploits an information disclosure vulnerability in Check Point Firewall-1's SecureRemote VPN by sending a crafted packet to retrieve network topology data without authentication. It targets ports 256 or 264 and parses the response to extract sensitive information.

Classification
Working Poc 95%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: Check Point Firewall-1 SecureRemote (older versions)
No auth needed
Prerequisites: Network access to the target system · Firewall-1 SecureRemote with 'Allow unauthenticated cleartext topology downloads' enabled
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/6857
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/3058
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/197566
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/588

Scores

EPSS 0.0885
EPSS Percentile 94.5%

Details

Status published
Products (2)
checkpoint/firewall-1 4.0
checkpoint/firewall-1 4.1 (5 CPE variants)
Published Jul 18, 2001
Tracked Since Feb 18, 2026