Check Point Mobile Access Directory Traversal Vulnerability in File Share Application
Vulnerability
A directory traversal vulnerability has been identified in the File Share application of the Check Point Mobile Access Portal, available on the Mobile Access gateway. This vulnerability allows an authenticated user, with access to at least one File Share application, to list file names in 'nobody'-accessible directories on the gateway. Additionally, such a user can create arbitrary files with 'nobody' permissions in the '/tmp' directory on the gateway.
Impact
Exploitation of this vulnerability could lead to unauthorized directory listing and file creation with 'nobody' permissions on the affected gateway.
Remediation
This vulnerability has been fixed in the Jumbo Hotfix Accumulator for R82 (starting from Take 36), R81.20 (starting from Take 111), and R81.10 (starting from Take 177).
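To check a fleet against the fixed takes listed above, the following is an added example, not Check Point's or this page's own code. The CSV inventory layout, the hostnames and the classify/triage helper names are assumptions made for illustration; only the version-to-take mapping comes from the advisory.

```python
import csv
import io
import re

# Fixed-from Jumbo Hotfix takes, copied from the Remediation section above.
FIXED_FROM_TAKE = {"R82": 36, "R81.20": 111, "R81.10": 177}

# Constructed sample inventory: hostnames and values are made up.
SAMPLE_INVENTORY = """\
hostname,version,jumbo_take
gw-a,R81.20,111
gw-b,R81.20,99
gw-c,R82,
gw-d,R81.10,177
gw-e,R81,45
gw-f,r82,take 41
gw-g,R81.10,n/a
"""


def classify(version, take):
    """Return 'fixed', 'unpatched' or 'unknown' for one gateway."""
    fixed_from = FIXED_FROM_TAKE.get(version.strip().upper())
    if fixed_from is None:
        return "unknown"  # the advisory lists no fixed take for this release
    take = take.strip()
    if not take:
        # Assumption: an empty take means no Jumbo Hotfix is installed.
        return "unpatched"
    match = re.fullmatch(r"(?:take\s*)?(\d+)", take, re.IGNORECASE)
    if match is None:
        return "unknown"  # unparseable value: verify on the gateway itself
    return "fixed" if int(match.group(1)) >= fixed_from else "unpatched"


def triage(inventory_text):
    """Map each hostname in a CSV inventory to its patch status."""
    rows = csv.DictReader(io.StringIO(inventory_text))
    return {
        row["hostname"]: classify(row["version"] or "", row["jumbo_take"] or "")
        for row in rows
    }


if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```

Gateways reported as unknown need a manual check, since the advisory gives fixed takes only for R82, R81.20 and R81.10.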
