NetAlertX is a network, presence scanner and alert framework. Prior to version 25.4.14, it is possible to bypass the authentication mechanism of NetAlertX to update settings without authentication. An attacker can trigger sensitive functions within util.php by sending crafted requests to /index.php. This issue has been patched in version 25.4.14.
The vulnerability results from the lack of authentication requirement (CWE-306) for sensitive functions handled by the util.php file. An attacker can send a specially crafted HTTP request to the /index.php endpoint, which allows triggering these functions while bypassing any identity verification. As a result, unauthorized modification of application configuration is possible without possessing any credentials.
An attacker without any privileges and from any network location can modify NetAlertX settings, which may lead to complete takeover of the application, loss of data confidentiality and integrity, and disruption of the network monitoring system's availability.
NetAlertX must be immediately updated to version 25.4.14 or later, in which the issue has been fixed. The patch is available in the project repository on GitHub at the address indicated in the references.
NetAlertX in all versions prior to 25.4.14
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:HNetalertx
APPNetalertx< 25.4.14
Related vulnerabilities
NetAlertX: Pominięcie uwierzytelnienia przez PHP magic hash (SHA-256)
NetAlertX — nieuwierzytelniony command injection via savesettings (RCE)
NetAlertX 24.7.18 before 24.10.12 allows unauthenticated file reading because an HTTP client can ignore a redi...