CVE-2024-24919

This repository contains a functional exploit for CVE-2024-24919, an arbitrary file read vulnerability in Check Point SSL Network Extender. The exploit sends a crafted POST request to '/clients/MyCRL' with a path traversal payload to read sensitive files like '/etc/shadow'.

The repository contains a bulk scanner for CVE-2024-24919, which checks for vulnerable Check Point endpoints by sending crafted POST requests to '/clients/MyCRL' and analyzing response headers. It does not include exploit code for achieving RCE or other offensive actions, only detection logic.

The repository contains a functional exploit for CVE-2024-24919, targeting Check Point VPN appliances. The exploit leverages a path traversal vulnerability to dump sensitive files (e.g., /etc/passwd) from vulnerable systems.

The repository contains a functional Python script that exploits CVE-2024-24919, a path traversal vulnerability in Check Point Security Gateway, to read arbitrary files. The exploit sends crafted HTTP requests to the vulnerable endpoint `/clients/MyCRL` with traversal sequences to access sensitive files.

The repository contains a functional Python script that exploits CVE-2024-24919, a critical vulnerability in Check Point SVN allowing arbitrary file read via directory traversal. The script uses curl commands to send crafted POST requests to read system files like /etc/passwd.

The PoC exploits a path traversal vulnerability in Check Point SSL Network Extender by sending a crafted POST request to the '/clients/MyCRL' endpoint, allowing arbitrary file read access. The script uses a directory traversal payload to read files like '/etc/passwd'.

This repository contains a functional Python exploit for CVE-2024-24919, an unauthenticated file read vulnerability in Check Point Security Gateways. The exploit sends a crafted POST request to read sensitive files (e.g., /etc/shadow) via path traversal.

The repository contains a functional exploit for CVE-2024-24919, targeting Check Point Security Gateways with an information disclosure vulnerability. The PoC sends crafted HTTP requests to read sensitive files like /etc/passwd and /etc/shadow via path traversal.

The repository contains a detailed technical writeup for CVE-2024-24919, a critical unauthenticated information disclosure vulnerability in Check Point's Remote Access VPN. It includes reconnaissance dorks, mitigation tips, and references to external PoCs but does not contain functional exploit code.

This repository contains a Nuclei template for detecting CVE-2024-24919, a path traversal vulnerability in CheckPoint SSLVPN. The template sends a crafted POST request to exploit the vulnerability and checks for a successful response.

The repository contains a Python script designed to scan for CVE-2024-24919 by sending POST requests to target URLs and analyzing responses for markers of vulnerability, such as sensitive file exposure (e.g., /etc/shadow). It does not include exploit code for achieving arbitrary code execution or privilege escalation.

The repository contains a Nuclei template for detecting CVE-2024-24919, a path traversal vulnerability in Check Point software. The template sends a crafted POST request to retrieve the /etc/passwd file and checks for a successful response.

The repository contains a functional Python script that exploits CVE-2024-24919, a path traversal vulnerability in Checkpoint firewall, allowing unauthorized file retrieval (e.g., /etc/passwd) via a crafted POST request to the 'clients/MyCRL' endpoint.

This repository provides an Nmap script to detect the presence of CVE-2024-24919, a vulnerability in Check Point SSL Network Extender. It includes dorks for vulnerability hunting and an example of how to use the Nmap script.

The repository contains a functional Python script that exploits CVE-2024-24919, an arbitrary file read vulnerability in Check Point software. The script sends crafted POST requests to read sensitive files like /etc/shadow or SSH private keys.

This repository contains a functional Python exploit for CVE-2024-24919, a path traversal vulnerability in Check Point Security Gateways. The exploit sends a crafted POST request to the `/clients/MyCRL` endpoint to read arbitrary files from the target system.

The repository contains a Python script that checks for CVE-2024-24919 by sending a crafted HTTP POST request to a Checkpoint Firewall VPN endpoint and analyzing the response for the presence of '/etc/passwd' content. It does not exploit the vulnerability but scans for its presence.

The repository contains a bash script that scans for CVE-2024-24919 by sending a crafted POST request to a target URL and checking for the presence of specific strings in the response. It does not exploit the vulnerability but detects potential exposure.

This repository contains a functional exploit for CVE-2024-24919, a path traversal vulnerability in Check Point security gateways. The PoC sends a crafted POST request to '/clients/MyCRL' with a payload to read arbitrary files (e.g., '/etc/shadow').

The repository contains functional exploit code for CVE-2024-24919, a local file inclusion vulnerability in Check Point Quantum Gateway. The YAML template and README provide clear technical details and a working PoC using a crafted POST request to disclose sensitive files like /etc/shadow.

This repository contains a Python-based scanner for CVE-2024-24919, designed to detect potential vulnerabilities by sending crafted requests to target URLs and checking for specific responses (e.g., 'root:' in response text). It includes features like Telegram notifications and file-based input/output.

The repository contains a functional exploit PoC for CVE-2024-24919, which includes a Shodan search script to identify potentially vulnerable targets and a PoC script to confirm vulnerability by attempting to read /etc/passwd via a path traversal attack.

The repository contains a functional Python script that exploits CVE-2024-24919, an information disclosure vulnerability in Check Point Security Gateway. The script supports both single-target and bulk scanning with multithreading, and includes features for generating CSV reports and color-coded output.

The repository contains a functional exploit for CVE-2024-24919, targeting Checkpoint Firewall VPNs via a path traversal vulnerability to dump arbitrary files (default: /etc/passwd). The exploit uses asynchronous HTTP requests with aiohttp and supports proxying, threading, and output logging.

This repository contains a functional Python script that exploits CVE-2024-24919, a directory traversal vulnerability in Check Point Security Gateway. The script sends crafted HTTP POST requests to the '/clients/MyCRL' endpoint to read arbitrary files from the target system.

This repository contains a functional Python script that exploits CVE-2024-24919, a directory traversal vulnerability in the 'MyCRL' endpoint of an unspecified web server. The script allows an attacker to read arbitrary files from the server by sending crafted HTTP POST requests with traversal sequences.

The repository contains a functional Python script that exploits CVE-2024-24919, an information disclosure vulnerability in Check Point security products. The script sends crafted POST requests to the `/clients/MyCRL` endpoint to read sensitive files via directory traversal.

This repository contains a functional Python script that exploits CVE-2024-24919, a path traversal vulnerability in Check Point Security Gateway, allowing unauthorized access to sensitive files like /etc/shadow. The script sends crafted HTTP requests to vulnerable endpoints and checks for specific markers in the response to confirm exploitation.

This repository provides a detailed walkthrough of CVE-2024-24919, an arbitrary file read vulnerability in Check Point Security Gateways. It includes an analysis of the attack scenario, detection methods, and mitigation strategies, but does not contain functional exploit code.

The repository contains a Python script designed to scan for potential CVE-2024-24919 vulnerabilities by sending a POST request to the '/clients/MyCRL' endpoint and checking for the presence of 'root' in the response. It does not include exploit code but serves as a detection tool.

The repository contains a Nuclei template designed to detect CVE-2024-24919, a local file inclusion vulnerability in Check Point SVN Foundation that allows attackers to read the `/etc/shadow` file. The template sends a crafted POST request to exploit the path traversal and checks for the presence of the `root:*:` pattern in the response.

The repository contains a functional bash script that automates the exploitation of CVE-2024-24919, a local file inclusion (LFI) vulnerability in Check Point Security Gateway. The script sends a crafted POST request to the '/clients/MyCRL' endpoint to retrieve sensitive files like '/etc/passwd'.

This repository contains a bash script that checks for the presence of CVE-2024-24919 in Check Point VPN systems by verifying version, patch status, and configuration details. It does not exploit the vulnerability but provides patch download links based on the detected version.

This repository contains a functional exploit for CVE-2024-24919, an unauthenticated arbitrary file read vulnerability in Check Point Remote Access VPN. The exploit leverages a path traversal vulnerability to read sensitive files like /etc/passwd, /etc/shadow, and SSH keys, potentially leading to full system compromise.

This Java tool scans for CVE-2024-24919 by sending crafted HTTP POST requests to check for path traversal vulnerabilities. It does not execute arbitrary commands or achieve remote code execution, but confirms vulnerability by reading sensitive files like /etc/passwd.

This repository contains a functional exploit for CVE-2024-24919, an information disclosure vulnerability in Check Point Quantum Gateway. The exploit leverages a path traversal flaw to access sensitive files like /etc/shadow via a crafted POST request to the /clients/MyCRL endpoint.

The repository contains a Python script that checks for the presence of CVE-2024-24919 in Checkpoint Firewall VPNs by sending a crafted HTTP request to read the /etc/passwd file. It does not exploit the vulnerability but scans for its presence.

This repository contains a functional exploit for CVE-2024-24919, targeting Check Point SSL Network Extender. It includes a script to gather vulnerable IPs via Hunter API and another to perform directory brute-forcing via a crafted POST request to '/clients/MyCRL'.

This repository contains a functional exploit for CVE-2024-24919, a path traversal vulnerability in Check Point Quantum Security Gateways. The YAML file includes a crafted HTTP POST request to leak the contents of /etc/passwd, demonstrating the vulnerability.

The repository contains a functional exploit for CVE-2024-24919, targeting Check Point SSL Network Extender. It includes a bash script for scanning multiple IPs and a Python script for exploiting the path traversal vulnerability to read arbitrary files (e.g., /etc/passwd).

The repository contains a Python script that scans for CVE-2024-24919 by sending crafted HTTP POST requests to target IPs and checking for vulnerability status. It does not exploit the vulnerability but detects its presence.

This repository provides a detailed technical analysis of CVE-2024-24919, a path traversal vulnerability in Check Point Security Gateways. It includes log analysis, IOC documentation, and containment steps but does not contain functional exploit code.

This repository provides a detailed technical analysis and incident response walkthrough for CVE-2024-24919, an arbitrary file read vulnerability in Check Point Security Gateways. It includes steps for detection, analysis, containment, and remediation, along with IOCs and log analysis.

This repository contains a detailed incident report and technical analysis of CVE-2024-24919, an arbitrary file read vulnerability in Check Point Security Gateway. It includes forensic details, exploit payloads, and response actions but does not provide functional exploit code.

This repository provides a detailed technical analysis of CVE-2024-24919, a path traversal vulnerability, including investigation steps, log analysis, and threat intelligence correlation. It does not contain exploit code but offers a thorough walkthrough of the attack scenario.

The repository contains a functional bash script that automates the exploitation of CVE-2024-24919, a local file inclusion (LFI) vulnerability in Checkpoint Security Gateway. The script sends a crafted POST request to the '/clients/MyCRL' endpoint to retrieve sensitive files like '/etc/passwd'.

This repository provides a functional proof-of-concept for CVE-2024-24919, a path traversal vulnerability in Check Point security gateways leading to information disclosure. The PoC includes a curl command to exploit the vulnerability and retrieve the /etc/shadow file.

This repository contains a functional exploit for CVE-2024-24919, demonstrating a path traversal vulnerability via a POST request to '/clients/MyCRL' with a crafted payload to read '/etc/passwd'. The exploit is wrapped in an Electron application for ease of use.

The repository contains a functional Python script that exploits CVE-2024-24919, a Local File Inclusion (LFI) vulnerability in Check Point software. The script sends crafted HTTP POST requests to read critical system files by traversing directories.

The repository contains a bash script that scans for CVE-2024-24919 by sending a crafted POST request to a target domain and checking for a 200 HTTP status code. It does not include exploit code for achieving remote code execution or other offensive actions.

This Go-based exploit targets CVE-2024-24919, a path traversal vulnerability in Check Point Security Gateway. It sends crafted POST requests to '/clients/MyCRL' to read arbitrary files from the system, including sensitive files like '/etc/passwd' and configuration files.

This repository contains a functional exploit for CVE-2024-24919, which leverages a path traversal vulnerability to read arbitrary files from the target system. The exploit sends crafted HTTP POST requests to the '/clients/MyCRL' endpoint with malicious paths to access sensitive files like '/etc/passwd' and '/etc/shadow'.

The repository lacks actual exploit code and instead provides a Nuclei template link and Shodan dork. It contains no technical details about the vulnerability or functional PoC code.

This repository contains a functional exploit for CVE-2024-24919, targeting Check Point Security Gateways with remote Access VPN or Mobile Access Software Blades. The exploit leverages a path traversal vulnerability to read sensitive files like /etc/passwd, /etc/shadow, and log files.

The repository contains a Python script designed to scan multiple URLs for CVE-2024-24919, a vulnerability in Check Point firewalls. It sends a crafted POST request to extract files (e.g., /etc/passwd) but does not include exploit code for remote code execution or further exploitation.

This repository contains a functional Python exploit for CVE-024-24919, targeting a path traversal vulnerability in Check Point products via the `/clients/MyCRL` endpoint. The exploit sends a crafted POST request to read arbitrary files (default: `/etc/passwd`) from vulnerable systems.

The repository contains a functional Python exploit for CVE-2024-24919, targeting a path traversal vulnerability in Check Point SSL Network Extender. The script sends a crafted POST request to read arbitrary files (e.g., /etc/passwd) via a directory traversal payload.

This repository contains a functional exploit script for CVE-2024-24919, which appears to be a path traversal vulnerability. The script sends a crafted POST request to a target endpoint to read arbitrary files, defaulting to /etc/passwd.

This repository contains a bash script designed to check for the presence of CVE-2024-24919. The script takes a list of IPs as input and scans them for vulnerability, but does not include exploit code.

This YAML file contains a functional exploit for CVE-2024-24919, demonstrating a path traversal and local file inclusion (LFI) vulnerability. The exploit sends a crafted POST request to '/clients/MyCRL' with a payload designed to traverse directories and access '/etc/shadow'.

The repository contains a functional bash script that automates the exploitation of CVE-2024-24919, a local file inclusion (LFI) vulnerability in Checkpoint Security Gateway. The script sends a crafted POST request to the '/clients/MyCRL' endpoint with a path traversal payload to retrieve '/etc/passwd'.

The repository contains a functional Python script that exploits CVE-2024-24919, an information disclosure vulnerability in Check Point security products. The script sends crafted POST requests to the `/clients/MyCRL` endpoint to read sensitive files via directory traversal.

The repository contains a functional exploit script for CVE-2024-24919, targeting Check Point software via a path traversal vulnerability in the '/clients/MyCRL' endpoint. The script sends crafted POST requests to leak sensitive files (e.g., /etc/passwd) by manipulating the 'Content-Length' header and payload.

The repository contains a functional bash script that exploits a path traversal vulnerability in Check Point devices (CVE-2024-24919) to read arbitrary files. The script sends a crafted POST request to the target endpoint to retrieve sensitive files like /etc/passwd or /etc/shadow.

This Metasploit module exploits CVE-2024-24919, an unauthenticated arbitrary file read vulnerability in Check Point Security Gateway appliances. It sends a crafted POST request with a path traversal payload to read sensitive files like /etc/shadow.