Jokob-Sk Netalertx vulnerabilities
2 known vulnerabilities affecting jokob-sk/netalertx.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2
Vulnerabilities
Page 1 of 1
CVE-2025-48952P2CRITICALCVSS 9.4fixed in 25.6.72025-07-04
CVE-2025-48952 [CRITICAL] CWE-697 CVE-2025-48952: NetAlertX is a network, presence scanner, and alert framework. Prior to version 25.6.7, a vulnerabil
NetAlertX is a network, presence scanner, and alert framework. Prior to version 25.6.7, a vulnerability in the authentication logic allows users to bypass password verification using SHA-256 magic hashes, due to loose comparison in PHP. In vulnerable versions of the application, a password comparison is performed using the `==` operator at line 40
nvd
CVE-2025-32440P3CRITICALCVSS 9.8fixed in 25.4.142025-05-27
CVE-2025-32440 [CRITICAL] CWE-306 CVE-2025-32440: NetAlertX is a network, presence scanner and alert framework. Prior to version 25.4.14, it is possib
NetAlertX is a network, presence scanner and alert framework. Prior to version 25.4.14, it is possible to bypass the authentication mechanism of NetAlertX to update settings without authentication. An attacker can trigger sensitive functions within util.php by sending crafted requests to /index.php. This issue has been patched in version 25.4.14.
nvd