Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-52885

The Mobile Access Portal's File Share application is vulnerable to a directory traversal attack, allowing an authenticated, malicious end-user (authorized to at least one File Share application) to list the file names of 'nobody'-accessible directories on the Mobile Access gateway.

Published

2025-08-06T15:15:31.287

Last Modified

2025-08-27T14:21:06.577

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 5.0 (MEDIUM)

Weaknesses

Type: Secondary
CWE-35
Type: Primary
CWE-22

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	checkpoint	mobile_access	-	Yes
Application	checkpoint	remote_access_vpn	-	Yes
Operating System	checkpoint	gaia_os	r81.10	No
Operating System	checkpoint	gaia_os	r81.20	No
Operating System	checkpoint	gaia_os	r82	No

References

https://support.checkpoint.com/results/sk/sk183137 Vendor Advisory ([email protected])