daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update CVE-2024-23692

patch-4
johnk3r 2024-06-07 22:08:35 -03:00 committed by GitHub
parent e322f31421
commit f3bcd3e920
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 12 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
http/cves/2024/CVE-2024-23692
View File

@ -1,10 +1,19 @@
id: CVE-2024-23692
info:
name: HFS Command Injection RCE
name: Check Point Quantum Gateway - Information Disclosure
author: johnk3r
severity: critical
tags: rce,hfs,cve
severity: high
description: |
CVE-2024-24919 is an information disclosure vulnerability that can allow an attacker to access certain information on internet-connected Gateways which have been configured with IPSec VPN, remote access VPN, or mobile access software blade.
reference:
- https://github.com/rapid7/metasploit-framework/pull/19240
- https://mohemiv.com/all/rejetto-http-file-server-2-3m-unauthenticated-rce/
metadata:
verified: true
max-request: 1
shodan-query: product:"HttpFileServer httpd"
tags: cve,cve2024,hfs,rce
requests:
- method: GET