CVE-2024-11948: 
NixOS vulnerability analysis and mitigation

GFI Archiver contains a remote code execution vulnerability (CVE-2024-11948) that affects installations using a vulnerable version of Telerik Web UI. The vulnerability was discovered by Sina Kheirkhah of Summoning Team and publicly disclosed on December 11, 2024. This critical vulnerability affects all versions of GFI Archiver prior to version 15.7 (ZDI Advisory).

The vulnerability exists within the product installer and stems from the use of a vulnerable version of Telerik Web UI. The flaw has been assigned a CVSS v3.1 base score of 9.8 (CRITICAL) with the vector string AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, indicating that it can be exploited remotely with low attack complexity and requires no privileges or user interaction (NVD).

Successful exploitation of this vulnerability allows remote attackers to execute arbitrary code in the context of NETWORK SERVICE on affected systems. No authentication is required to exploit this vulnerability, making it particularly dangerous (ZDI Advisory).

The vulnerability has been fixed in GFI Archiver version 15.7. Users are advised to upgrade to this version or later to mitigate the risk. The fix is available at https://upgrade.gfi.com/check/gfi-archiver/12x (ZDI Advisory).