Lucene search
K

8 matches found

The Hacker News
The Hacker News
added 2025/03/20 9:43 a.m.27 views

CISA Adds NAKIVO Vulnerability to KEV Catalog Amid Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency CISA has added a high-severity security flaw impacting NAKIVO Backup & Replication software to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. The vulnerability in question is CVE-2024-48248 CVSS...

9.3CVSS8.8AI score0.94557EPSS
Exploits7
RedhatCVE
RedhatCVE
added 2025/03/06 1:8 a.m.31 views

CVE-2024-48248

NAKIVO Backup & Replication before 11.0.0.88174 allows absolute path traversal for reading files via getImageByPath to /c/router this may lead to remote code execution across the enterprise because PhysicalDiscovery has cleartext credentials...

8.6CVSS8.1AI score0.9408EPSS
Exploits2References1
NVD
NVD
added 2025/03/04 8:15 a.m.36 views

CVE-2024-48248

NAKIVO Backup & Replication before 11.0.0.88174 allows absolute path traversal for reading files via getImageByPath to /c/router this may lead to remote code execution across the enterprise because PhysicalDiscovery has cleartext credentials...

8.6CVSS0.9408EPSS
Exploits2References4
ATTACKERKB
ATTACKERKB
added 2025/03/04 12:0 a.m.15 views

CVE-2024-48248

NAKIVO Backup & Replication before 11.0.0.88174 allows absolute path traversal for reading files via getImageByPath to /c/router this may lead to remote code execution across the enterprise because PhysicalDiscovery has cleartext credentials. Recent assessments: Assessed Attacker Value: 0 Assesse...

8.6CVSS8AI score0.9408EPSS
In wildExploits2References3
Vulnrichment
Vulnrichment
added 2025/03/04 12:0 a.m.13 views

CVE-2024-48248

NAKIVO Backup & Replication before 11.0.0.88174 allows absolute path traversal for reading files via getImageByPath to /c/router this may lead to remote code execution across the enterprise because PhysicalDiscovery has cleartext credentials...

8.6CVSS9AI score0.9408EPSS
Exploits2References2
CVE
CVE
added 2025/03/04 12:0 a.m.204 views

CVE-2024-48248

CVE-2024-48248 affects NAKIVO Backup & Replication prior to 11.0.0.88174. The vulnerability is an absolute path traversal via getImageByPath to /c/router, leading to unauthenticated arbitrary file read with potential remote code execution across the enterprise when cleartext credentials are expos...

8.6CVSS9AI score0.9408EPSS
In wildExploits2References4Affected Software1
Cvelist
Cvelist
added 2025/03/04 12:0 a.m.41 views

CVE-2024-48248

NAKIVO Backup & Replication before 11.0.0.88174 allows absolute path traversal for reading files via getImageByPath to /c/router this may lead to remote code execution across the enterprise because PhysicalDiscovery has cleartext credentials...

8.6CVSS0.9408EPSS
Exploits2References2
GithubExploit
GithubExploit
added 2025/01/28 4:46 a.m.809 views

Exploit for Absolute Path Traversal in Nakivo Backup_\&_Replication_Director

CVE-2024-48248 NAKIVO Backup and Replication Solution: Unauthe...

8.6CVSS9.6AI score0.9408EPSS
Exploits2
Rows per page
Query Builder