{"vulnerability": "cve-2025-48952", "sightings": [{"uuid": "5c659f3b-6edc-4af7-a0cc-e0dd1998f191", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48952", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114797506148304132", "content": "", "creation_timestamp": "2025-07-04T23:15:32.687094Z"}, {"uuid": "6a98e458-a9d1-48ca-9126-4efc5ccfd3f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48952", "type": "seen", "source": "https://infosec.exchange/users/DarkWebInformer/statuses/114813646081481340", "content": "", "creation_timestamp": "2025-07-07T19:40:08.617976Z"}, {"uuid": "e008fa17-6a4e-4327-a31a-d81ff91c63fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48952", "type": "seen", "source": "https://bsky.app/profile/darkwebinformer.com/post/3ltfk3gahek2g", "content": "", "creation_timestamp": "2025-07-07T19:40:12.249290Z"}, {"uuid": "e8e5a265-90a2-49ee-a19c-4143310bf989", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48952", "type": "published-proof-of-concept", "source": "https://t.me/cybersecplayground/253", "content": "\ud83d\udea8 Alert: CVE-2025-48952 \u2013 Password Bypass in NetAlertX \ud83d\udea8\nDue to loose comparison in PHP, attackers can bypass authentication without knowing the correct password!\n\n\ud83d\udd25 Vulnerability Type:\nWeak equality check (== instead of ===) allows login bypass using special inputs like 0, false, or specific crafted passwords.\n\n\ud83d\udd13 Impact:\n\ud83d\udd39 Unauthenticated access to the web interface\n\ud83d\udd39 Possible full system control depending on configuration\n\n\ud83d\udca5 PoC & Details:\n\ud83d\udd17 GitHub Advisory\n\ud83d\udca3 Exploit Code Included \u2013 Ready to test!\n\n\ud83d\udef0 Attack Surface Scan\n\n\ud83d\udd75\ufe0f\u200d\u2642\ufe0f Hunter Dork\nproduct.name=\"NetAlertX\"\n\ud83c\udf10 Hunter Search\n\n\ud83e\udde0 Why It Matters:\nLoose type comparison in PHP can be fatal. Always use === for secure checks!\n\n\ud83d\udce2 Stay informed with @cybersecplayground \u2014 we drop daily 0days, PoCs & hunting tips!\n\n#CVE2025_48952 #NetAlertX #bugbounty #infosec #php #passwordbypass #hunterhow #cybersecplayground #OSINT #RCE #authbypass", "creation_timestamp": "2025-07-10T19:42:23.000000Z"}, {"uuid": "c735c41c-c0bd-4d64-bb49-86eee88e13b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48952", "type": "published-proof-of-concept", "source": "https://t.me/TheDarkWebInformer/18826", "content": "\ud83d\udea8CVE-2025-48952: NetAlertX Password Bypass Vulnerability due to Loose Comparison in PHP\n\nPoC and Advisory: https://github.com/jokob-sk/NetAlertX/security/advisories/GHSA-4p4p-vq2v-9489\n\nDetails: https://www.cvedetails.com/cve/CVE-2025-48952/\n\nCVSS: 9.4", "creation_timestamp": "2025-07-07T19:39:48.000000Z"}, {"uuid": "564a15f1-fd19-42d4-949f-b6f845811184", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-48952", "type": "published-proof-of-concept", "source": "Telegram/84odOWG29NERs2YXjdw5sO46oW-VY4veM5g9A83J8YKDeEE", "content": "", "creation_timestamp": "2025-07-10T19:43:10.000000Z"}]}