CVE-2024-48248

NAKIVO Backup & Replication before 11.0.0.88174 allows absolute path traversal for reading files via getImageByPath to /c/router (this may lead to remote code execution across the enterprise because PhysicalDiscovery has cleartext credentials). > MITRE Terms of Use apply – see LICENSE‑MITRE.txt