CVE-2024-52888: Stored-XSS

Published Apr 27, 2025

Updated

For an authenticated end-user the portal may run a script while attempting to display a directory or some file's properties.

Affected Software

5 affected components

All of the following

Any of the following

Checkpoint Mobile Access

Checkpoint Remote Access Vpn

Any of the following

Checkpoint Gaia Os=r81.10

Checkpoint Gaia Os=r81.20

Checkpoint Gaia Os=r82

Event History

Apr 27, 2025

CVE Published

via MITRE·07:46 AM

Data Sourced

via MITRE·07:46 AM

DescriptionSeverityWeakness

Data Sourced

via NVD·08:15 AM

DescriptionSeverityWeaknessAffected Software

Frequently Asked Questions

What is the severity of CVE-2024-52888?

CVE-2024-52888 is classified as a moderate severity vulnerability affecting Checkpoint products.

How do I fix CVE-2024-52888?

To mitigate CVE-2024-52888, ensure that your Checkpoint Mobile Access or Remote Access VPN software is updated to the latest version.

Who is affected by CVE-2024-52888?

Authenticated end-users of Checkpoint Mobile Access and Remote Access VPN are at risk from CVE-2024-52888.

What type of vulnerability is CVE-2024-52888?

CVE-2024-52888 is a client-side script execution vulnerability that could be triggered when displaying directory or file properties.

Is CVE-2024-52888 present in older versions of Checkpoint Gaia OS?

CVE-2024-52888 does not affect Checkpoint Gaia OS versions r81.10, r81.20, or r82.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.