Unrated severityNVD Advisory· Published May 27, 2025· Updated May 28, 2025

NetAlertX Vulnerable to Authentication Bypass

CVE-2025-32440

Description

NetAlertX is a network, presence scanner and alert framework. Prior to version 25.4.14, it is possible to bypass the authentication mechanism of NetAlertX to update settings without authentication. An attacker can trigger sensitive functions within util.php by sending crafted requests to /index.php. This issue has been patched in version 25.4.14.

Affected products

NetAlertX/NetAlertXllm-fuzzy
Range: <25.4.14
jokob-sk/NetAlertXv5
Range: < 25.4.14

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/jokob-sk/NetAlertX/releases/tag/v25.4.14mitrex_refsource_MISC
github.com/jokob-sk/NetAlertX/security/advisories/GHSA-h4x5-vr54-vjrxmitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000