CVE-2024-24919 Write Up
Haii!! How are you?!!
This time I will share an article about the findings I found on a website that is vulnerable to the CVE-2024-24919 vulnerability. okay, let’s get straight to it.
Details Information Vulnerability:
This security vulnerability allows attackers to access certain Check Point Security Gateways connected to the internet and activate the Remote Access VPN feature or Mobile Access Software Blades information. A security update for this vulnerability is available.
CVSS Score | Severity |
---|---|
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N | Critical (8.6) |
Proof of Concept (PoC):
Exploit
Now try to exploit it with the python script above in this way
- Enter the target IP into the file
domain-IP.txt
- run python3 CVE-2024-24919.py
Impact:
This vulnerability could allow an unauthenticated, remote attacker to read local files of an affected Security Gateway, including sensitive files such as password data, SSH keys, or other credentials. Under certain conditions, this can lead to credential theft, lateral movement within the network, and potential overall system compromise. It has been observed that this exploit is already occurring in the real world to extract Active Directory credentials.