EIP-2026-118355

PRE-CVE

Check Point VPN-1/FireWall-1 4.1 SP2 - Blocked Port Bypass

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-118355. PoCs published by anonymous.

AI-analyzed exploit summary This exploit leverages fragmented TCP packets with malformed IP options to bypass Check Point FireWall-1's Fastmode inspection, allowing access to blocked TCP services. It combines ACK and SYN fragments to craft a SYN packet that evades firewall rules.

Description

Check Point VPN-1/FireWall-1 4.1 SP2 - Blocked Port Bypass

Exploits (1)

exploitdb WORKING POC VERIFIED

by anonymous · cremotewindows

https://www.exploit-db.com/exploits/232

View Code ZIP pw:eip

This exploit leverages fragmented TCP packets with malformed IP options to bypass Check Point FireWall-1's Fastmode inspection, allowing access to blocked TCP services. It combines ACK and SYN fragments to craft a SYN packet that evades firewall rules.

Classification

Working Poc 90%

Attack Type

Auth Bypass

Complexity

Complex

Reliability

Reliable

Target: Check Point VPN-1/FireWall-1 4.1 SP2

No auth needed

Prerequisites: Fastmode enabled for at least one TCP service · Access to at least one open TCP service on the target network

MITRE ATT&CK

T1200 - Hardware Additions T1090 - Proxy

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026