Lucene search
+L

10 matches found

Nuclei
Nuclei
added yesterday18 views

NetAlertX 23.01.14–24.x < 24.10.12 - Remote Code Execution

NetAlertX 23.01.14 through 24.x before 24.10.12 allows unauthenticated command injection via settings update because function=savesettings lacks an authentication requirement, as exploited in the wild in May 2025. This is related to settings.php and util.php. id: CVE-2024-46506 info: name:...

10CVSS7.8AI score0.6293EPSS
Exploits5
RedhatCVE
RedhatCVE
added 2025/05/15 12:10 a.m.15 views

CVE-2024-46506

NetAlertX 23.01.14 through 24.x before 24.10.12 allows unauthenticated command injection via settings update because function=savesettings lacks an authentication requirement, as exploited in the wild in May 2025. This is related to settings.php and util.php...

10CVSS7.3AI score0.6293EPSS
Exploits5
NVD
NVD
added 2025/05/13 4:15 p.m.13 views

CVE-2024-46506

NetAlertX 23.01.14 through 24.x before 24.10.12 allows unauthenticated command injection via settings update because function=savesettings lacks an authentication requirement, as exploited in the wild in May 2025. This is related to settings.php and util.php...

10CVSS0.6293EPSS
Exploits5References1
Cvelist
Cvelist
added 2025/05/13 12:0 a.m.19 views

CVE-2024-46506

NetAlertX 23.01.14 through 24.x before 24.10.12 allows unauthenticated command injection via settings update because function=savesettings lacks an authentication requirement, as exploited in the wild in May 2025. This is related to settings.php and util.php...

10CVSS0.6293EPSS
Exploits5References1
VulnCheck KEV
VulnCheck KEV
added 2025/05/13 12:0 a.m.3 views

VulnCheck KEV: CVE-2024-46506

NetAlertX 23.01.14 through 24.x before 24.10.12 allows unauthenticated command injection via settings update because function=savesettings lacks an authentication requirement, as exploited in the wild in May 2025. This is related to settings.php and util.php...

10CVSS5.8AI score0.6293EPSS
Exploits5References1
CVE
CVE
added 2025/05/13 12:0 a.m.96 views

CVE-2024-46506

CVE-2024-46506 – NetAlertX RCE : NetAlertX versions 23.01.14 through 24.x before 24.10.12 are vulnerable to unauthenticated command injection via a settings update, caused by missing authentication on function=savesettings and related to settings.php and util.php. The issue could allow remote com...

10CVSS9.9AI score0.6293EPSS
Exploits5References1Affected Software1
Metasploit
Metasploit
added 2025/02/11 6:55 p.m.433 views

Unauthenticated RCE in NetAlertX

An attacker can update NetAlertX settings with no authentication, which results in RCE. Module Options msf use exploit/linux/http/netalertxrcecve202446506 msf exploitnetalertxrcecve202446506 show targets ...targets... msf exploitnetalertxrcecve202446506 set TARGET msf...

10CVSS8.5AI score0.6293EPSS
Exploits5
Packet Storm
Packet Storm
added 2025/02/11 12:0 a.m.490 views

NetAlertX 24.9.12 Command Injection

An attacker can update NetAlertX settings with no authentication, which results in command injection. Versions 23.01.14 through 24.9.12 are affected. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...

7.3AI score0.6293EPSS
Exploits5
Rhino Security Labs
Rhino Security Labs
added 2025/01/30 1:0 p.m.86 views

CVE-2024-46506: Unauthenticated RCE in NetAlertx

The post CVE-2024-46506: Unauthenticated RCE in NetAlertx appeared first on Rhino Security Labs...

10CVSS7.3AI score0.6293EPSS
Exploits5
Circl
Circl
added 2025/01/30 12:3 p.m.14 views

CVE-2024-46506

creationtimestamp| type| source ---|---|--- 2025-01-30 12:03:56+00:00| seen| https://bsky.app/profile/buherator.bsky.social/post/3lgxgwaf4e42q 2025-01-31 01:26:08+00:00| published-proof-of-concept| https://t.me/thebugbountyhunter/9588 2025-01-31 11:39:44+00:00| seen|...

10CVSS7.2AI score0.6293EPSS
Exploits5References14
Rows per page
Query Builder