VYPR

Backup & Replication Director

by Nakivo

CVEs (2)

  • CVE-2024-48248KEVMar 4, 2025
    risk 0.20cvss epss 0.94

    NAKIVO Backup & Replication before 11.0.0.88174 allows absolute path traversal for reading files via getImageByPath to /c/router (this may lead to remote code execution across the enterprise because PhysicalDiscovery has cleartext credentials).

  • CVE-2020-15850Sep 24, 2020
    risk 0.00cvss epss 0.01

    Insecure permissions in Nakivo Backup & Replication Director version 9.4.0.r43656 on Linux allow local users to access the Nakivo Director web interface and gain root privileges. This occurs because the database containing the users of the web application and the…