8 matches found
CVE-2024-48766
NetAlertX 24.7.18 before 24.10.12 allows unauthenticated file reading because an HTTP client can ignore a redirect, and because of factors related to strpos and directory traversal, as exploited in the wild in May 2025. This is related to components/logs.php...
CVE-2024-48766
NetAlertX 24.7.18 before 24.10.12 allows unauthenticated file reading because an HTTP client can ignore a redirect, and because of factors related to strpos and directory traversal, as exploited in the wild in May 2025. This is related to components/logs.php...
CVE-2024-48766
NetAlertX 24.7.18 before 24.10.12 allows unauthenticated file reading because an HTTP client can ignore a redirect, and because of factors related to strpos and directory traversal, as exploited in the wild in May 2025. This is related to components/logs.php...
CVE-2024-48766
NetAlertX 24.7.18 before 24.10.12 allows unauthenticated file reading because an HTTP client can ignore a redirect, and because of factors related to strpos and directory traversal, as exploited in the wild in May 2025. This is related to components/logs.php...
CVE-2024-48766
NetAlertX 24.7.18 before 24.10.12 allows unauthenticated file reading because an HTTP client can ignore a redirect, and because of factors related to strpos and directory traversal, as exploited in the wild in May 2025. This is related to components/logs.php...
CVE-2024-48766
NetAlertX vulnerability CVE-2024-48766 affects versions 24.7.18–24.9.12. A directory traversal flaw allows unauthenticated file reads because an HTTP client can ignore redirects and due to path handling related to logs.php; exploitation observed in the wild (May 2025). Affected components include...
NetAlertX File Read Vulnerability
This module exploits improper authentication in logs.php endpoint. An unathenticated attacker can request log file and read any file due path traversal vulnerability. Module Options msf use auxiliary/scanner/http/netalertxfileread msf auxiliarynetalertxfileread show actions ...actions... msf...
CVE-2024-48766
creationtimestamp| type| source ---|---|--- 2025-02-17 10:25:40+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2024/CVE-2024-48766.yaml 2025-02-25 09:50:00+00:00| seen|...