Chebuya (Rhino Security Labs)

1 exploit Active since May 2025
CVE-2024-46506 METASPLOIT CRITICAL ruby WORKING POC
Unauthenticated RCE in NetAlertX
NetAlertX 23.01.14 through 24.x before 24.10.12 allows unauthenticated command injection via settings update because function=savesettings lacks an authentication requirement, as exploited in the wild in May 2025. This is related to settings.php and util.php.
CVSS 10.0