Path Traversal Vulnerability in NAKIVO Backup & Replication
CVE-2024-48248

8.6 HIGH

Key Information:

Vendor: Nakivo
Product: Backup & Replication Director
CVE Published: 4 March 2025

Badges

📈 Score: 1,140 | 👾 Exploit Exists | 🟣 EPSS 90% | 🦅 CISA Reported | 📰 News Worthy

What is CVE-2024-48248?

CVE-2024-48248 is a high-severity (CVSS 3.1 score 8.6) vulnerability in NAKIVO Backup & Replication, a software product for backing up, recovering and replicating data across IT infrastructure. It is an absolute path traversal flaw: an unauthenticated attacker who can reach the Director over the network can read arbitrary files from the host's filesystem, including files that hold cleartext credentials. A backup server stores credentials for the systems it protects, so this file read is a serious foothold. It does not execute code by itself, but the recovered credentials can be reused to gain further access and, potentially, remote code execution, undermining the integrity and security of the backup environment.

Technical Details

This vulnerability affects NAKIVO Backup & Replication (Director) versions before 11.0.0.88174. The flaw is in the getImageByPath function, which takes a file path from the request and returns the file's contents. The function does not confine the supplied path to the directory it was meant to serve images from and accepts an absolute path, so the request does not even need "../" sequences: the attacker simply names the file they want. This is absolute path traversal (CWE-36), as opposed to the more familiar relative traversal with "../" components. Because the function is reachable without authentication, any file the Director process can read is exposed, including configuration and database files that contain the credentials the application uses to authenticate to other systems.
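As an added example (not NAKIVO's code, and not derived from the vendor's patch, which this page does not show), the block below contrasts a file-serving function that opens whatever path it is handed with one that confines the request to a base directory. The function names, the on-disk layout and the sample "secret" file are constructed for the illustration; `vulnerable_get_image_by_path` only models the class of flaw described above, and `safe_get_image_by_path` shows the checks a hardened version needs, including the symlink case that a plain string check misses.

```python
"""Absolute path traversal (CWE-36) versus a confined file lookup.

Constructed illustration: the function names and the on-disk layout are
invented for this example and are not NAKIVO's code.
"""
import os
import shutil
import tempfile


class PathTraversalError(ValueError):
    """Raised when a requested path would leave the served directory."""


def vulnerable_get_image_by_path(path: str) -> bytes:
    """Models the flawed pattern: whatever path the client sends is opened.

    An absolute path naming a config or database file that holds stored
    credentials is read and returned as if it were an image.
    """
    with open(path, "rb") as fh:
        return fh.read()


def safe_get_image_by_path(base_dir: str, requested: str) -> bytes:
    """Hardened lookup: the request is a name relative to base_dir, nothing more.

    Three layers: reject absolute input, reject '..' components, then resolve
    symlinks and confirm the real target still lies under base_dir. The last
    check is the one that actually matters; the first two give clearer errors.
    """
    if os.path.isabs(requested):
        raise PathTraversalError("absolute paths are not accepted")
    if ".." in requested.replace("\\", "/").split("/"):
        raise PathTraversalError("parent-directory components are not accepted")
    base = os.path.realpath(base_dir)
    target = os.path.realpath(os.path.join(base, requested))
    if os.path.commonpath([base, target]) != base:
        raise PathTraversalError("resolved path escapes the served directory")
    with open(target, "rb") as fh:
        return fh.read()


def build_fixture() -> tuple:
    """Create a throwaway tree (constructed data):
        <root>/images/logo.png      the file the endpoint should serve
        <root>/etc/director.conf    a 'secret' file it must never serve
    """
    root = tempfile.mkdtemp(prefix="traversal-demo-")
    images = os.path.join(root, "images")
    os.makedirs(images)
    with open(os.path.join(images, "logo.png"), "wb") as fh:
        fh.write(b"\x89PNG-demo")
    secret = os.path.join(root, "etc", "director.conf")
    os.makedirs(os.path.dirname(secret))
    with open(secret, "w", encoding="utf-8") as fh:
        fh.write("db_password=hunter2\n")
    return root, images, secret


def demo() -> dict:
    """Run both lookups against the fixture and report what each returned."""
    root, images, secret = build_fixture()
    out = {}
    try:
        # The flawed function hands over the secret when given its absolute path.
        out["vulnerable_absolute"] = vulnerable_get_image_by_path(secret)
        # The hardened function serves the legitimate file ...
        out["safe_normal"] = safe_get_image_by_path(images, "logo.png")
        # ... and refuses the three classic escapes.
        attempts = {
            "safe_absolute": secret,
            "safe_dotdot": "../etc/director.conf",
            "safe_symlink": "link.png",
        }
        try:
            # A symlink planted inside the served directory, pointing outside it.
            os.symlink(secret, os.path.join(images, "link.png"))
        except OSError:
            attempts.pop("safe_symlink")  # symlinks unavailable on this host
            out["safe_symlink"] = "blocked: symlink test skipped"
        for label, req in attempts.items():
            try:
                safe_get_image_by_path(images, req)
                out[label] = "READ"
            except PathTraversalError as exc:
                out[label] = "blocked: " + str(exc)
    finally:
        shutil.rmtree(root, ignore_errors=True)
    return out


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key:22} {value!r}")
```

The `realpath` plus `commonpath` comparison is the check that carries the weight: it catches absolute paths, `..` sequences and symlinks that resolve outside the served directory in one place, whereas a string-prefix check on the unresolved path can be bypassed by a symlink planted inside the directory. The explicit absolute-path and `..` rejections in front of it exist so that a blocked request produces a precise error message for logging, not because the final check needs them.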

Potential impact of CVE-2024-48248

  1. Follow-on compromise, including remote code execution: the vulnerability itself only reads files, but credentials and configuration recovered from the Director can be reused to log in to the Director or to the systems it backs up, which is how an arbitrary file read is turned into code execution and lateral movement across the network.

  2. Credential Exposure: cleartext credentials stored by the backup software give an attacker authenticated access to other systems and sensitive data throughout the organization.

  3. Data Integrity Risks: a compromised backup system can no longer be trusted, and backups that have been read, altered or destroyed undermine the organization's ability to recover from attacks or data-loss events, increasing operational risk.

CISA Reported

CISA has added this vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, which lists flaws confirmed to be exploited in the wild. At the time of listing it was not known to CISA to be used in ransomware campaigns; that assessment is subject to change.

CISA's recommendation is: apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Affected Version(s)

Backup & Replication Director: all versions before 11.0.0.88174

News Articles

Week in review: Veeam Backup & Replication RCE fixed, free file converter sites deliver malware - Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Critical Veeam Backup & Replication RCE vulnerability

2 weeks ago

NAKIVO Backup & Replication vulnerability exploited by attackers (CVE-2024-48248) - Help Net Security

A vulnerability (CVE-2024-48248) in NAKIVO Backup and Replication, used by orgs of all sizes and MSPs, is being exploited by attackers.

2 weeks ago

The Good, the Bad and the Ugly in Cybersecurity - Week 12

Three new bugs added to CISA's KEV catalog, RaaS affiliates use new custom backdoor, and compromised GitHub Action exposes CI/CD secrets.

2 weeks ago

EPSS Score

EPSS estimates a 90% probability that this vulnerability will see exploitation activity in the wild within the next 30 days.

CVSS V3.1

Score: 8.6 (HIGH)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Changed
Confidentiality: High
Integrity: None
Availability: None

An arbitrary file read affects only confidentiality. The 8.6 base score follows from C:H with I:N and A:N under changed scope; a High availability impact with these other metrics would score 10.0, so the availability metric is None.

Timeline

  • 👾 Exploit known to exist

  • 🦅 CISA Reported

  • Vulnerability published

  • 📰 First article discovered by watchTowr Labs

  • Vulnerability Reserved