CVE-2025-32440

Published May 27th, 2025

View on NVD ↗

CVSS v3

CRITICAL

CVSS v2

N/A

Affected

PROJECT

Description

NetAlertX is a network, presence scanner and alert framework. Prior to version 25.4.14, it is possible to bypass the authentication mechanism of NetAlertX to update settings without authentication. An attacker can trigger sensitive functions within util.php by sending crafted requests to /index.php. This issue has been patched in version 25.4.14.

netalertx/NetAlertX

Centralized network visibility and continuous asset discovery. Monitor devices, detect change, and stay aware across distributed networks.

GitHub

6.54K