CVE-2024-48248

Beschreibung

NAKIVO Backup & Replication before 11.0.0.88174 allows absolute path traversal for reading files via getImageByPath to /c/router (this may lead to remote code execution across the enterprise because PhysicalDiscovery has cleartext credentials).

Schweregrad: HIGH

CVSS-Score: 8.6