CVE-2025-32744

Dell AppSync 4.6.0.0 contains an Unrestricted Upload of File with Dangerous Type vulnerability that could allow remote code execution by a high-privilege attacker with remote access. The issue stems from insufficient validation of uploaded files. A security update/ advisory (DSA-2025-277) is avai...

CVE-2025-36603

Dell AppSync, versions 4.6.0.0, contains an Improper Restriction of XML External Entity Reference vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure and Information tampering...

CVE-2025-36603

Dell AppSync, versions 4.6.0.0, contains an Improper Restriction of XML External Entity Reference vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information disclosure and Information tampering...

CVE-2025-36603

Dell AppSync 4.6.0.0 contains an Improper Restriction of XML External Entity Reference vulnerability. A low-privilege attacker with local access could exploit this to cause information disclosure and information tampering. Exploitation details are not provided in the documents. References indicat...

Dell AppSync 代码问题漏洞

Dell AppSync is a data replication management application from Dell USA. A file upload vulnerability exists in Dell AppSync version 4.6.0.0, which stems from the application's lack of effective validation of uploaded files. The vulnerability can be exploited to remotely execute arbitrary code by...

PT-2025-30299 · Dell · Dell Appsync

Name of the Vulnerable Software and Affected Versions: Dell AppSync version 4.6.0.0 Description: Dell AppSync version 4.6.0.0 contains an Improper Restriction of XML External Entity Reference issue. A low privileged attacker with local access could potentially exploit this issue, leading to...

PT-2025-30305 · Dell · Dell Appsync

Name of the Vulnerable Software and Affected Versions: Dell AppSync version 4.6.0.0 Description: Dell AppSync version 4.6.0.0 contains an unrestricted upload of file with dangerous type issue. A high privileged attacker with remote access could potentially exploit this, leading to remote executio...

Dell AppSync 代码问题漏洞

Dell AppSync is a data backup and recovery management software from Dell. An XML External Entity Reference Improper Restriction vulnerability exists in Dell AppSync version 4.6.0.0, which stems from improper handling of XML external entity parsing. An attacker could exploit this vulnerability to...

CVE-2024-52542

Dell AppSync, version 4.6.0.x, contain a Symbolic Link Symlink Following vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to information tampering...

CVE-2024-52542

Dell AppSync, version 4.6.0.x, contain a Symbolic Link Symlink Following vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to information tampering...

CVE-2024-52542

Dell AppSync, version 4.6.0.x, contain a Symbolic Link Symlink Following vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to information tampering...

CVE-2024-52542

Dell AppSync 4.6.0.x is affected by a Symbolic Link (Symlink) Following vulnerability. The root cause is the mismanagement of symlinks that allows a low-privileged, locally connected attacker to tamper information. Impact is limited to information integrity (I: High; A: None; C: None per docs). N...

CVE-2024-52542

Dell AppSync, version 4.6.0.x, contain a Symbolic Link Symlink Following vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to information tampering...

Dell AppSync Server 安全漏洞

Dell AppSync Server is a copy data management software from Dell USA. A security vulnerability exists in Dell AppSync Server version 4.6.0.x, which stems from the inclusion of a symbolic link tracking vulnerability that could be exploited by a low-privileged attacker with local access rights to...

PT-2024-35367 · Dell · Dell Appsync

Name of the Vulnerable Software and Affected Versions: Dell AppSync version 4.6.0.x Description: A low privileged attacker with local access could potentially exploit a Symbolic Link Symlink Following vulnerability, leading to information tampering. Recommendations: For Dell AppSync version...

Dell AppSync Server XML External Entity Injection Vulnerability

Dell AppSync Server is a copy data management software from Dell USA. An XML external entity injection vulnerability exists in Dell AppSync Server versions 4.3 through 4.6, which arises from a networked system or product that does not have the correct filters in place to allow references to...

CVE-2024-39586

Dell AppSync Server, version 4.3 through 4.6, contains an XML External Entity Injection vulnerability. An adjacent high privileged attacker could potentially exploit this vulnerability, leading to information disclosure...

CVE-2024-39586

Dell AppSync Server, version 4.3 through 4.6, contains an XML External Entity Injection vulnerability. An adjacent high privileged attacker could potentially exploit this vulnerability, leading to information disclosure...

CVE-2024-39586

Dell AppSync Server (versions 4.3–4.6) contains an XML External Entity (XXE) vulnerability. An adjacent, high-privilege attacker could potentially leverage improperly filtered XML input to disclose information. The issue is rooted in how external entities are processed, allowing unauthorized read...

CVE-2024-39586

Dell AppSync Server, version 4.3 through 4.6, contains an XML External Entity Injection vulnerability. An adjacent high privileged attacker could potentially exploit this vulnerability, leading to information disclosure...