CVE-2024-48766
Published: 13 May 2025
Summary
CVE-2024-48766 is a high-severity EAR (CWE-698) vulnerability in Netalertx Netalertx. Its CVSS base score is 8.6 (High).
Operationally, ranked in the top 1.0% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
Deeper analysis
NetAlertX versions 24.7.18 before 24.10.12 contain an unauthenticated file-reading vulnerability in components/logs.php. The flaw stems from an HTTP client’s ability to ignore redirects combined with insufficient handling via strpos and directory-traversal sequences, allowing arbitrary file access with a CVSS 3.1 score of 8.6.
An unauthenticated network attacker can supply crafted requests that bypass intended access controls and retrieve sensitive files from the underlying system, resulting in high-impact confidentiality exposure with changed scope.
The issue was exploited in the wild in May 2025. Public references include a Metasploit auxiliary scanner module for the file-read vector and research publications detailing related remote-code-execution findings in the same product. The EPSS score reached a peak of 0.7799 with a current value of 0.7766.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-54478
Vulnerability details
NetAlertX 24.7.18 before 24.10.12 allows unauthenticated file reading because an HTTP client can ignore a redirect, and because of factors related to strpos and directory traversal, as exploited in the wild in May 2025. This is related to components/logs.php.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
Validates pathnames and filenames to prevent traversal outside intended directories.