Filtered by vendor Netalertx
Subscribe
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-48766 | 1 Netalertx | 1 Netalertx | 2025-06-24 | N/A | 8.6 HIGH |
| NetAlertX 24.7.18 before 24.10.12 allows unauthenticated file reading because an HTTP client can ignore a redirect, and because of factors related to strpos and directory traversal, as exploited in the wild in May 2025. This is related to components/logs.php. | |||||
| CVE-2024-46506 | 1 Netalertx | 1 Netalertx | 2025-06-17 | N/A | 10.0 CRITICAL |
| NetAlertX 23.01.14 through 24.x before 24.10.12 allows unauthenticated command injection via settings update because function=savesettings lacks an authentication requirement, as exploited in the wild in May 2025. This is related to settings.php and util.php. | |||||