NetAlertX Authentication Bypass Vulnerability Allowing Unauthenticated Remote Command Execution
Vulnerability
An authentication bypass vulnerability has been identified in NetAlertX versions prior to 25.4.14. It allows an unauthenticated attacker to update application settings and invoke sensitive functions that are meant to be reachable only by a logged-in user. The root cause is an include chain: index.php includes util.php on a path that does not perform the authentication check protecting those functions elsewhere, so a crafted request to index.php reaches the util.php functionality without credentials.
Impact
Exploitation of this vulnerability allows for unauthenticated remote command execution, with the potential to manipulate application settings and execute arbitrary commands on the server.
Reproduction
The vulnerability is triggered by sending a request directly to index.php rather than to the entry point that performs the authentication check. Because index.php includes util.php without that check, the request reaches the util.php functions unauthenticated. The exact request parameters are not given in this advisory; the defining property is that the check sits in the caller, not in the helper, so any include path that skips the caller's check skips the protection.
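The following PHP is an added illustration of the class of bug described above and of one way to close it; it is not NetAlertX's code and does not reproduce the actual util.php. The helper names, the allow-listed setting keys, the 'action' request parameter and the NETALERTX_AUTHENTICATED guard constant are all hypothetical. The vulnerable shape is a helper whose top level acts on request data as soon as the file is included, so the authentication check placed only in the intended caller is bypassed by any other script (here index.php) that includes the helper. The hardened shape has no top-level side effects, dispatches only through an allow-list, and enforces authentication inside the helper itself.

```php
<?php
declare(strict_types=1);
// Added illustration, not NetAlertX's code. All names are hypothetical.
//
// The pitfall: a helper whose top level does
//     if ($_REQUEST['action'] === 'updateSetting') { updateSetting(...); }
// executes that code from EVERY script that includes it. If only one caller
// checks the session before the include, any other include path (index.php in
// this advisory) reaches the handler unauthenticated.
//
// Hardened helper: no top-level side effects, an allow-listed dispatcher that
// checks authentication itself, and a guard constant that an entry point may
// only define after it has authenticated the request.

function authenticated(): bool
{
    return !empty($_SESSION['login']);
}

function updateSetting(string $key, string $value): bool
{
    // Hypothetical persistence; only allow-listed keys may be written.
    $allowedKeys = ['UI_theme', 'SCAN_interval'];   // constructed sample
    if (!in_array($key, $allowedKeys, true)) {
        return false;
    }
    $GLOBALS['settings'][$key] = $value;            // stand-in for real storage
    return true;
}

function dispatchUtilAction(array $request): string
{
    // Defence in depth: the including script must have declared that it
    // authenticated the request, and the session must actually be valid.
    // Neither depends on which file included this helper.
    if (!defined('NETALERTX_AUTHENTICATED') || !authenticated()) {
        http_response_code(401);
        return 'unauthenticated';
    }
    $handlers = [
        'updateSetting' => static fn(array $r): bool =>
            updateSetting((string)($r['key'] ?? ''), (string)($r['value'] ?? '')),
    ];
    $action = (string)($request['action'] ?? '');
    if (!isset($handlers[$action])) {
        http_response_code(400);
        return 'unknown action';
    }
    return $handlers[$action]($request) ? 'ok' : 'rejected';
}

// ---- Simulated requests (CLI demo on constructed input) -------------------
$GLOBALS['settings'] = [];
$request = ['action' => 'updateSetting', 'key' => 'UI_theme', 'value' => 'dark'];

// 1. The index.php path: no session and no guard constant. The hardened
//    helper refuses regardless of who included it.
$_SESSION = [];
echo 'index.php without login: ' . dispatchUtilAction($request) . PHP_EOL;

// 2. The intended path: the entry point authenticates, then declares itself
//    before calling into the helper.
$_SESSION = ['login' => true];
define('NETALERTX_AUTHENTICATED', true);
echo 'settings page after login: ' . dispatchUtilAction($request) . PHP_EOL;
```

Run with the PHP CLI; the first call returns 'unauthenticated' and the second 'ok'. The point of the design is that the guard lives in the helper, so adding a new include path (or forgetting a check in an existing one) cannot reopen the bypass.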
Remediation
Users are advised to update NetAlertX to version 25.4.14 or later, where this vulnerability has been patched. Until the update is applied, treat any NetAlertX instance reachable by untrusted clients as exposed, since the bypass requires no credentials.
