CVE-2026-48135

Summary

A Check Point HTTP-based service can incorrectly handle malformed HTTP requests. The issue is related to HTTP request parsing and validation.

Affected Software

VendorProductVersion RangeStatus
checkpointQuantum Security GatewayR82.10 with Jumbo Hotfix Take 6 or belowaffected
checkpointQuantum Security GatewayR82 with Jumbo Hotfix Take 91 or belowaffected
checkpointQuantum Security GatewayR81.20 with Jumbo Hotfix Take 127 or belowaffected
checkpointQuantum Security GatewayAll releases from R81.10 and belowaffected

Weaknesses

  • CWE-122: CWE-122: Heap-based Buffer Overflow

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References