VYPR

VPN 1 Firewall 1

by Checkpoint

CVEs (15)

  • CVE-2025-15389HigDec 31, 2025
    risk 0.57cvss 8.8epss 0.01

    VPN Firewall developed by QNO Technology has an OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the server.

  • CVE-2025-15388HigDec 31, 2025
    risk 0.57cvss 8.8epss 0.01

    VPN Firewall developed by QNO Technology has an OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the server.

  • CVE-2025-15387HigDec 31, 2025
    risk 0.57cvss 8.8epss 0.00

    VPN Firewall developed by QNO Technology has a Insufficient Entropy vulnerability, allowing unauthenticated remote attackers to obtain any logged-in user session through brute-force attacks and subsequently log into the system.

  • CVE-2002-1623Dec 31, 2002
    risk 0.04cvss epss 0.49

    The design of the Internet Key Exchange (IKE) protocol, when using Aggressive Mode for shared secret authentication, does not encrypt initiator or responder identities during negotiation, which may allow remote attackers to determine valid usernames by (1) monitoring responses…

  • CVE-2001-0082Feb 12, 2001
    risk 0.03cvss epss 0.02

    Check Point VPN-1/FireWall-1 4.1 SP2 with Fastmode enabled allows remote attackers to bypass access restrictions via malformed, fragmented packets.

  • CVE-2008-1397Mar 20, 2008
    risk 0.00cvss epss 0.02

    Check Point VPN-1 Power/UTM, with NGX R60 through R65 and NG AI R55 software, allows remote authenticated users to cause a denial of service (site-to-site VPN tunnel outage), and possibly intercept network traffic, by configuring the local RFC1918 IP address to be the same as…

  • CVE-2001-1176Jul 12, 2001
    risk 0.00cvss epss 0.03

    Format string vulnerability in Check Point VPN-1/FireWall-1 4.1 allows a remote authenticated firewall administrator to execute arbitrary code via format strings in the control connection.

  • CVE-2001-1158Jul 9, 2001
    risk 0.00cvss epss 0.03

    Check Point VPN-1/FireWall-1 4.1 base.def contains a default macro, accept_fw1_rdp, which can allow remote attackers to bypass intended restrictions with forged RDP (internal protocol) headers to UDP port 259 of arbitrary hosts.

  • CVE-2000-0804Nov 14, 2000
    risk 0.00cvss epss 0.02

    Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to bypass the directionality check via fragmented TCP connection requests or reopening closed TCP connection requests, aka "One-way Connection Enforcement Bypass."

  • CVE-2000-0807Nov 14, 2000
    risk 0.00cvss epss 0.02

    The OPSEC communications authentication mechanism (fwn1) in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to spoof connections, aka the "OPSEC Authentication Vulnerability."

  • CVE-2000-0806Nov 14, 2000
    risk 0.00cvss epss 0.02

    The inter-module authentication mechanism (fwa1) in Check Point VPN-1/FireWall-1 4.1 and earlier may allow remote attackers to conduct a denial of service, aka "Inter-module Communications Bypass."

  • CVE-2000-0813Nov 14, 2000
    risk 0.00cvss epss 0.02

    Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to redirect FTP connections to other servers ("FTP Bounce") via invalid FTP commands that are processed improperly by FireWall-1, aka "FTP Connection Enforcement Bypass."

  • CVE-2000-0809Nov 14, 2000
    risk 0.00cvss epss 0.02

    Buffer overflow in Getkey in the protocol checker in the inter-module communication mechanism in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to cause a denial of service.

  • CVE-2000-0808Nov 14, 2000
    risk 0.00cvss epss 0.02

    The seed generation mechanism in the inter-module S/Key authentication mechanism in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to bypass authentication via a brute force attack, aka "One-time (s/key) Password Authentication."

  • CVE-2000-0805Nov 14, 2000
    risk 0.00cvss epss 0.01

    Check Point VPN-1/FireWall-1 4.1 and earlier improperly retransmits encapsulated FWS packets, even if they do not come from a valid FWZ client, aka "Retransmission of Encapsulated Packets."