CVE-2024-48248 Scanner

NAKIVO Backup & Replication is a data protection solution designed for backing up and restoring virtualized and physical environments. It is used by IT teams and businesses to ensure the safety of their data by providing backup and disaster recovery capabilities. NAKIVO supports various platforms, including VMware, Hyper-V, and physical environments. It offers features like cloud backup, incremental backup, and replication, which help businesses protect their data and minimize downtime. The solution is widely adopted in industries requiring robust data protection and high availability. It integrates with cloud services and virtual environments to enhance data security and management.

This vulnerability in NAKIVO Backup & Replication allows unauthenticated attackers to read arbitrary files on the underlying system. This is due to improper access controls that allow attackers to manipulate the system through specific requests to the application. By exploiting this vulnerability, attackers can gain unauthorized access to sensitive files such as system configurations, passwords, or application data. This issue can lead to severe data exposure and potential further exploitation of the system. The vulnerability impacts all affected versions of NAKIVO Backup & Replication, exposing businesses to risks of data theft and loss of confidentiality.

The vulnerability occurs when an attacker sends a POST request to the /c/router endpoint with a specially crafted payload that targets the "STPreLoadManagement" action. This allows the attacker to read files from the system by providing paths to sensitive files such as /etc/passwd on Linux or C:/windows/win.ini on Windows systems. The application does not adequately verify the user’s authorization to access these files, allowing attackers to bypass security checks. The exposed files can contain sensitive information, including user credentials and system configurations, which could lead to further attacks. Successful exploitation requires no authentication, making this a critical vulnerability.

If exploited, this vulnerability allows attackers to access sensitive files on the underlying system without any form of authentication. This could lead to the exposure of system configurations, credentials, or other critical files, potentially compromising the security of the entire system. Attackers could use the information gained from these files to escalate their attack, access sensitive data, or gain unauthorized control over the system. The vulnerability also poses risks of data leakage, intellectual property theft, and potential for further exploitation. In organizations using NAKIVO Backup & Replication for disaster recovery and backup, this could lead to data breaches and loss of customer trust.

REFERENCES

• https://labs.watchtowr.com/the-best-security-is-when-we-all-agree-to-keep-everything-secret-except-the-secrets-nakivo-backup-replication-cve-2024-48248/