
CVE-2024-48766

Severity: High · Public PoC

Published: 13 May 2025

Modified: 24 June 2025
CVSS Score (v3.1): 8.6 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N)
EPSS Score: 0.7766 (99.0th percentile)
Risk Priority: 64 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2024-48766 is a high-severity Execution After Redirect (EAR, CWE-698) vulnerability in NetAlertX. Its CVSS base score is 8.6 (High).

Operationally, it ranks in the top 1.0% of CVEs by exploit likelihood (EPSS); it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

Deeper analysis

NetAlertX versions from 24.7.18 up to (but not including) 24.10.12 contain an unauthenticated file-reading vulnerability in components/logs.php. The flaw stems from an HTTP client's ability to ignore a redirect (the script keeps executing after issuing it), combined with path validation that relies on strpos and therefore does not stop directory-traversal sequences, allowing arbitrary file access. The CVSS 3.1 score is 8.6.

An unauthenticated network attacker can supply crafted requests that bypass intended access controls and retrieve sensitive files from the underlying system, resulting in high-impact confidentiality exposure with changed scope.
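The two weaknesses the description combines, a redirect the script does not stop at (CWE-698) and a substring check that cannot prove a path stays inside the intended directory (CWE-22), shown as an added PHP illustration beside a hardened handler. This is illustrative code written for this page, not NetAlertX's components/logs.php; LOG_DIR, the $file parameter and /login.php are assumptions.

```php
<?php
// Illustrative reconstruction of the two weakness classes in the advisory,
// not the project's own code. LOG_DIR and /login.php are assumed values.
const LOG_DIR = '/var/log/app';

// --- Weak pattern, shown only so reviewers can recognise it -----------------
function weak_read_log(bool $authenticated, string $file): ?string
{
    if (!$authenticated) {
        header('Location: /login.php');
        // No exit: PHP keeps running, so a client that simply ignores the
        // 302 still receives everything emitted below (CWE-698).
    }
    // A prefix match on the raw string says nothing about where the path
    // resolves; it is not a containment check (CWE-22).
    $path = LOG_DIR . '/' . $file;
    if (strpos($path, LOG_DIR) !== 0) {
        return null;
    }
    return file_get_contents($path);
}

// --- Hardened handler ------------------------------------------------------
function safe_read_log(bool $authenticated, string $file): ?string
{
    if (!$authenticated) {
        header('Location: /login.php', true, 302);
        exit; // terminate the script; no response body after the redirect
    }
    // Accept a bare filename only (no separators, not empty, not a dotfile).
    if ($file === '' || basename($file) !== $file || $file[0] === '.') {
        return null;
    }
    // Defence in depth: canonicalise both sides and require the resolved file
    // to sit under the resolved base directory (also defeats symlink escapes).
    $base = realpath(LOG_DIR);
    $real = realpath(LOG_DIR . DIRECTORY_SEPARATOR . $file);
    if ($base === false || $real === false) {
        return null; // base missing or file does not exist
    }
    $prefix = $base . DIRECTORY_SEPARATOR;
    if (strncmp($real, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return file_get_contents($real);
}
```

The exit after header() is the fix for the redirect half of the bug; the basename and realpath checks replace the string comparison for the traversal half.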

The issue was exploited in the wild in May 2025. Public references include a Metasploit auxiliary scanner module for the file-read vector and research publications detailing related remote-code-execution findings in the same product. The EPSS score reached a peak of 0.7799 with a current value of 0.7766.


Vulnerability details

NetAlertX 24.7.18 before 24.10.12 allows unauthenticated file reading because an HTTP client can ignore a redirect, and because of factors related to strpos and directory traversal, as exploited in the wild in May 2025. This is related to components/logs.php.

CWE(s)

CWE-698: Execution After Redirect (EAR)
CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Vendor: netalertx
Product: netalertx
Versions: 24.7.18 up to (but not including) 24.10.12

Mitigating Controls

Likely Mitigating Controls (AI)

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

Control addressing CWE-22: validates pathnames and filenames to prevent traversal outside intended directories.
