← ExploitWatch
HomeExploited Vulnerabilities

CVE-2024-48248 — Actively Exploited: Backup and Replication (NAKIVO)

NAKIVO Backup and Replication contains an absolute path traversal vulnerability that enables an attacker to read arbitrary files.

CVE IDCVE-2024-48248
VendorNAKIVO
ProductBackup and Replication
Vulnerability nameNAKIVO Backup and Replication Absolute Path Traversal Vulnerability
Date added2025-03-19
Remediation due2025-04-09
Known ransomware useUnknown
Required actionApply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
DescriptionNAKIVO Backup and Replication contains an absolute path traversal vulnerability that enables an attacker to read arbitrary files.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →