CVE-2024-48766
HIGHDescription
NetAlertX 24.7.18 before 24.10.12 allows unauthenticated file reading because an HTTP client can ignore a redirect, and because of factors related to strpos and directory traversal, as exploited in the wild in May 2025. This is related to components/logs.php.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| netalertx | netalertx |
References
Frequently Asked Questions
What is CVE-2024-48766? +
How severe is CVE-2024-48766? +
What products are affected by CVE-2024-48766? +
How do I check if I'm vulnerable to CVE-2024-48766? +
Related Vulnerabilities
Dockwatch through 0.6.567 contains an unauthenticated OS command injection vulnerability that allows remote attackers to execute arbitrary shell commands by …
A vulnerability was found in SourceCodester Employee Task Management System 1.0 and classified as critical. Affected by this issue is …
A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been classified as critical. This affects an …
A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been declared as critical. This vulnerability affects …
A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been rated as critical. This issue affects …
A vulnerability classified as critical has been found in SourceCodester Employee Task Management System 1.0. Affected is an unknown function …