Exploit for Improper Authentication in Checkpoint Gaia_Os

markdown CVE-2026-50751 - Check Point IKEv1 Authentication Byp...

Critical Check Point VPN Flaw Exploited to Bypass Passwords in IKEv1 Setups

Check Point has warned of active exploitation of a critical vulnerability impacting Remote Access VPN and Mobile Access deployments that are configured to use the deprecated IKEv1 key exchange protocol. The vulnerability, tracked as CVE-2026-50751 CVSS score: 9.3, is a case of a logic flow weakne...

CVE-2026-50751

A logic flow weakness in Remote Access and Mobile Access certificate validation in deprecated IKEv1 key exchange allows an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid user password...

CVE-2026-50751 User Authentication Bypass in VPN Remote Access and Mobile Access

A logic flow weakness in Remote Access and Mobile Access certificate validation in deprecated IKEv1 key exchange allows an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid user password...

CVE-2026-50751

CVE-2026-50751 is a logic-flow weakness in certificate validation during the deprecated IKEv1 key exchange used by Check Point Remote Access VPN, Mobile Access, and Spark Firewall. The flaw allows an unauthenticated attacker to bypass user authentication and establish a VPN session without a vali...

CVE-2026-50751 User Authentication Bypass in VPN Remote Access and Mobile Access

A logic flow weakness in Remote Access and Mobile Access certificate validation in deprecated IKEv1 key exchange allows an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid user password...

EUVD-2026-35047

A logic flow weakness in Remote Access and Mobile Access certificate validation in deprecated IKEv1 key exchange allows an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid user password...

CVE-2026-50751

A logic flow weakness in Remote Access and Mobile Access certificate validation in deprecated IKEv1 key exchange allows an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid user password...

CVE-2026-10259

A security vulnerability has been detected in H3C Magic B0 up to 100R002. The affected element is the function SetMobileAPInfoById of the file /goform/aspForm. Such manipulation of the argument param leads to stack-based buffer overflow. The attack may be performed from remote. The exploit has be...

CVE-2026-50751 - User Authentication bypass on VPN Remote Access and Mobile Access in deprecated IKEv1 key exchange

Symptoms - An attacker can bypass user authentication by exploiting a logic flow weakness in the Remote Access and Mobile Access certificate validation and establish a remote access VPN connection without a valid user password. Check Point is aware of this vulnerability being exploited in the wil...

SAP Gateway 安全漏洞

SAP Gateway is a framework based on open standards developed by SAP, a German company. This product allows non-SAP applications to connect to SAP applications, as well as access SAP applications on mobile devices. There is a security vulnerability in SAP Gateway, which allows attackers to inject...

CVE-2026-48135 - HTTP service can incorrectly process malformed HTTP requests

Cause An input-handling issue in the HTTP request processing path. Symptoms - A Check Point HTTP-based service, such as Mobile Access Portal or Identity Awareness Portals except for Captive Portal, can incorrectly handle malformed HTTP requests. Gaia Portal is not affected by this issue. - The...

EUVD-2026-20908

Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN user to bypass Workplace/Connect Tunnel TOTP authentication...

PT-2026-31397

Name of the Vulnerable Software and Affected Versions SonicWall SMA1000 series appliances affected versions not specified Description Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN user to bypass Workplace/Connect Tunnel TOTP...

SonicWall SMA 1000 Series <= 12.4.3-03093 / 12.5.x <= 12.5.0-02283 Local Privilege Escalation (SNWLID-2025-0019)

The remote host is a SonicWall SMA 1000 Series device that may be affected by a local privilege escalation vulnerability: - A local privilege escalation vulnerability due to insufficient authorization in the SonicWall SMA1000 appliance management console AMC. CVE-2025-40602 Note that Nessus has n...

EUVD-2014-7840

Malware in sbrugna...

EUVD-2019-5957

Malware in sbrugna...

EUVD-2021-17289

Malware in sbrugna...

EUVD-2024-54849

Malicious code in bioql PyPI...

CVE-2024-52885

The Mobile Access Portal's File Share application is vulnerable to a directory traversal attack, allowing an authenticated, malicious end-user authorized to at least one File Share application to list the file names of 'nobody'-accessible directories on the Mobile Access gateway...