https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk94228
We have a Smart-1 25 appliance that was affected by this vulnerability and we proceeded to upgrade the firmware to the recommended version.
Parter the upgrade it promoted to reset the admin password and I reset the password which was setup earlier.
After resetting the password I was prompted to log back in, and started the drama. It didn't accept my password.
Then I found a very useful article to reset the LOM settings in the CPUG group.
I proceeded to reset the password, the method worked fine for the first time and I was able to set the password again.
The procedure can be found in the following link
https://www.cpug.org/forums/showthread.php/12778-Reset-LOM-password?p=81394#post81394
I have to say that there is nothing wrong in this article, and it works fine.
But unfortunately I made the same mistake f entering a too complex password so I ended up in the sake issue as before.
For some weird reason I couldn't boot the LOM using reset user name.
But what I've noticed that the complex password I've setup in the WebUI works fine for the LOM
maintenance mode, i.e. after booting using bootfmh and hitting y when it's prompted to goto maintenance mode.
But the thing is you can no longer enter ./reset.sh
But what you can really do is issue find command to find the reset.sh file.
find /-name reset.sh
You will get the exact path if the file and from memory it is located in the www directory.
You can execute this script to reset the LOM configuration.
Unfortunately I didn't want to spend more time on this to look at the content of the script ( I was fed up doing the upgrade on the management server, in fact I ended up spending most of my time in resetting the LOM password than upgrading the Smart-1 25 to R77 during the change window )