{"uuid": "e8e5a265-90a2-49ee-a19c-4143310bf989", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48952", "type": "published-proof-of-concept", "source": "https://t.me/cybersecplayground/253", "content": "\ud83d\udea8 Alert: CVE-2025-48952 \u2013 Password Bypass in NetAlertX \ud83d\udea8\nDue to loose comparison in PHP, attackers can bypass authentication without knowing the correct password!\n\n\ud83d\udd25 Vulnerability Type:\nWeak equality check (== instead of ===) allows login bypass using special inputs like 0, false, or specific crafted passwords.\n\n\ud83d\udd13 Impact:\n\ud83d\udd39 Unauthenticated access to the web interface\n\ud83d\udd39 Possible full system control depending on configuration\n\n\ud83d\udca5 PoC & Details:\n\ud83d\udd17 GitHub Advisory\n\ud83d\udca3 Exploit Code Included \u2013 Ready to test!\n\n\ud83d\udef0 Attack Surface Scan\n\n\ud83d\udd75\ufe0f\u200d\u2642\ufe0f Hunter Dork\nproduct.name=\"NetAlertX\"\n\ud83c\udf10 Hunter Search\n\n\ud83e\udde0 Why It Matters:\nLoose type comparison in PHP can be fatal. Always use === for secure checks!\n\n\ud83d\udce2 Stay informed with @cybersecplayground \u2014 we drop daily 0days, PoCs & hunting tips!\n\n#CVE2025_48952 #NetAlertX #bugbounty #infosec #php #passwordbypass #hunterhow #cybersecplayground #OSINT #RCE #authbypass", "creation_timestamp": "2025-07-10T19:42:23.000000Z"}