CVE-2024-48766 Scanner

NetAlertX is a software product used for system monitoring and alerting. It is typically utilized in network environments to detect and alert administrators about potential system issues or vulnerabilities. The software is deployed across multiple enterprise-level infrastructures for enhanced security management. NetAlertX versions v24.7.18 to v24.9.12 are affected by a directory traversal vulnerability. This flaw enables attackers to access parts of the system that are otherwise restricted. The product is used by security professionals and system administrators to ensure network integrity and respond to security events in real-time.

The directory traversal vulnerability in NetAlertX affects versions v24.7.18 to v24.9.12. It allows attackers to manipulate file paths to access directories outside of the intended directory. By exploiting this flaw, an attacker can view files and gain insight into the internal structure of the system. The vulnerability occurs due to insufficient sanitization of user inputs in the log management component. This weakness enables unauthorized access to sensitive system files. As a result, attackers can potentially gather critical information, which could lead to further system exploitation.

The vulnerability is triggered when an attacker interacts with the 'log.php' file in NetAlertX. The application does not properly validate or sanitize the 'filePath' parameter, which allows the use of relative paths. By exploiting this, attackers can perform directory traversal, accessing files such as '/etc/passwd'. This file typically contains sensitive information about system users, which can be exploited for privilege escalation. The attack is initiated by sending a specially crafted POST request with an invalid file path. The affected versions are v24.7.18 to v24.9.12, and the issue has been fixed in v24.10.12.

If exploited, this vulnerability allows an attacker to list directories and gain unauthorized access to sensitive files. The information exposed can assist the attacker in further compromising the system, such as obtaining system passwords or configuration details. This access could lead to privilege escalation, where the attacker can execute malicious commands or disrupt system operations. In worst-case scenarios, an attacker could gain full control of the affected server. This type of vulnerability poses significant risks to system confidentiality and integrity.

References:

• https://advisories.checkpoint.com/defense/advisories/public/2025/cpai-2024-1358.html
• https://github.com/rapid7/metasploit-framework/pull/19881
• https://github.com/jokob-sk/NetAlertX