## https://sploitus.com/exploit?id=FF6C0584-ACA7-5E63-92B0-C40415A20FD6
# Exploit for CVE-2024-24919
## Description
This Python script is an exploit for CVE-2024-24919, a CVE that hitted Check Point Products: (CloudGuard Network, Quantum Maestro, Quantum Scalable Chassis, Quantum Security Gateways, Quantum Spark Appliances) Versions: (R77.20 (EOL), R77.30 (EOL), R80.10 (EOL), R80.20 (EOL), R80.20.x, R80.20SP (EOL), R80.30 (EOL), R80.30SP (EOL), R80.40 (EOL), R81, R81.10, R81.10.x, R81.20), allowing unauthorized access to sensitive files on a target system. It targets a vulnerability in the `/clients/MyCRL` endpoint
![Running](image.png)
## Installation
```bash
git clone https://github.com/MohamedWagdy7/CVE-2024-24919
```
## target.txt
is a file contains number of targets running vulnerable version, these targets enumerated from shodan using this dork `"Server: Check Point SVN" "X-UA-Compatible: IE=EmulateIE7" 200 country:"IL"`
## Usage
```bash
python exploit.py -d <target> [-f <file>] [-proxy <proxy>] [-o <output>]
python exploit.py -l <list> [-f <file>] [-proxy <proxy>] [-o <output>]
```
### Example
```bash
python exploit.py -l ./targets.txt -proxy 127.0.0.1:8080 -o CVE-2024-24919.txt
```
## Arguments
- -d, --target: Specifies a single target to be tested.
- -l, --list: Specifies a list of targets to be tested.
- -f, --file: Specifies a file to exploit (default: /etc/passwd).
- -proxy, --proxy: Specifies a proxy to use for requests.
- -o, --output: Specifies a filename to save the output (default: output.txt).
## References
[Watchtowr Labs - Wrong Check Point](https://labs.watchtowr.com/check-point-wrong-check-point-cve-2024-24919/)
[Check Point Support](https://support.checkpoint.com/results/sk/sk182337?ref=labs.watchtowr.com)
[NVD - CVE-2024-24919](https://nvd.nist.gov/vuln/detail/CVE-2024-24919)