CVE-2024-52885 | THREATINT

Description

The Mobile Access Portal's File Share application is vulnerable to a directory traversal attack, allowing an authenticated, malicious end-user (authorized to at least one File Share application) to list the file names of 'nobody'-accessible directories on the Mobile Access gateway.

PUBLISHED Reserved 2024-11-17 | Published 2025-08-06 | Updated 2025-08-06 | Assigner checkpoint

MEDIUM: 5.0CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N

Problem types

CWE-35: Path Traversal

Product status

Check Point Mobile Access versions R81.10, R81.20, R82

affected

References

support.checkpoint.com/results/sk/sk183137

cve.org (CVE-2024-52885)

nvd.nist.gov (CVE-2024-52885)

Download JSON