# CVE-2024-24919-Exploit

## Overview

This repository contains a python exploit for the CVE-2024-24919, a vulnerability that allows you to read sensitive files from the vulnerable page.

This exploit first checks if the target is vulnerable, and then gets the path you specify.

**Severity**: Critical

## Usage

First clone the repository:

    git clone
    cd CVE-2024-24919-Exploit

Give privileges and execute the exploit with python3

    chmod +x

Then follow the steps and you will get the data of the file you specify

If you are strugling make sure the URL you specify is the main one

✓ ``

✘ ``

## POC (Proof Of Concept)

First we need to make sure that the website have Check Point Security Gateways which have remote access VPN or mobile access software enabled.

In this exploit we are pointing to the `{ip}/clients/MyCRL` endpoint.

This endpoint is vulnerable if we do a POST petition, we add the string `CSHELL/` and the path of the file we want to read using a Path Traversal.

The request will be something like this:

    POST /clients/MyCRL HTTP/1.1
    Host: <redacted>
    Content-Length: 39


We get all of this looking the source code

For more information about the process check this post -->

## Test

If you want to test this vulnerability you can use Sodan to find some vulnerable websites, using this query in sodan

    Server: “Check Point SVN Foundation”

## References

## Disclaimer
This script is for educational purposes only. Use it responsibly and only on systems you have permission to access.