CVE-2024-48248
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
04/03/2025
Last modified:
25/03/2025
Description
NAKIVO Backup & Replication before 11.0.0.88174 allows absolute path traversal for reading files via getImageByPath to /c/router (this may lead to remote code execution across the enterprise because PhysicalDiscovery has cleartext credentials).
Impact
Base Score 3.x
8.60
Severity 3.x
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:nakivo:backup_\&_replication_director:*:*:*:*:*:*:*:* | 11.0.0.88174 (excluding) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://helpcenter.nakivo.com/Release-Notes/Content/Release-Notes.htm
- https://labs.watchtowr.com/the-best-security-is-when-we-all-agree-to-keep-everything-secret-except-the-secrets-nakivo-backup-replication-cve-2024-48248/
- https://github.com/watchtowrlabs/nakivo-arbitrary-file-read-poc-CVE-2024-48248/?ref=labs.watchtowr.com