CVE-2025-48952
- EPSS 0.16%
- Published 04.07.2025 22:12:54
- Last modified 06.08.2025 17:48:07
NetAlertX is a network, presence scanner, and alert framework. Prior to version 25.6.7, a vulnerability in the authentication logic allows users to bypass password verification using SHA-256 magic hashes, due to loose comparison in PHP. In vulnerable...
CVE-2025-32440
- EPSS 0.1%
- Published 27.05.2025 21:59:40
- Last modified 11.07.2025 18:58:26
NetAlertX is a network, presence scanner and alert framework. Prior to version 25.4.14, it is possible to bypass the authentication mechanism of NetAlertX to update settings without authentication. An attacker can trigger sensitive functions within u...
- EPSS 82.77%
- Published 13.05.2025 00:00:00
- Last modified 17.06.2025 19:39:38
NetAlertX 23.01.14 through 24.x before 24.10.12 allows unauthenticated command injection via settings update because function=savesettings lacks an authentication requirement, as exploited in the wild in May 2025. This is related to settings.php and ...
CVE-2024-48766
- EPSS 74.58%
- Published 13.05.2025 00:00:00
- Last modified 24.06.2025 20:04:07
NetAlertX 24.7.18 before 24.10.12 allows unauthenticated file reading because an HTTP client can ignore a redirect, and because of factors related to strpos and directory traversal, as exploited in the wild in May 2025. This is related to components/...