ATTACK [PTsecurity] NAKIVO Backup & Replication Arbitrary File Read attempt (CVE-2024-48248)

SID: 10013518Rev: 130 views
History
Sourceptrules/open
CreatedJuly 24, 2025
UpdatedJuly 24, 2025
Classificationattempted-admin
alert http any any -> any any (msg:"ATTACK [PTsecurity] NAKIVO Backup & Replication Arbitrary File Read attempt (CVE-2024-48248)"; flow:established, to_server; http.uri; content:"/c/router"; http.request_body; content:"|22|action|22|"; content:"|22|STPreLoadManagement|22|"; distance:0; content:"|22|method|22|"; content:"|22|getImageByPath|22|"; distance:0; content:"|22|data|22|"; reference:url, labs.watchtowr.com/the-best-security-is-when-we-all-agree-to-keep-everything-secret-except-the-secrets-nakivo-backup-replication-cve-2024-48248/; reference:url, github.com/watchtowrlabs/nakivo-arbitrary-file-read-poc-CVE-2024-48248; reference:cve, 2024-48248; reference:url, rules.ptsecurity.com; classtype:attempted-admin; sid:10013518; rev:1;)

References

urllabs.watchtowr.com/the-best-security-is-when-we-all-agree-to-keep-everything-secret-except-the-secrets-nakivo-backup-replication-cve-2024-48248/
urlgithub.com/watchtowrlabs/nakivo-arbitrary-file-read-poc-CVE-2024-48248
cve2024-48248
urlrules.ptsecurity.com

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!