DELL Enterprise SONiC OS Encryption Key Vulnerability

DELL Enterprise SONiC OS is an open source network operating system developed by Dell and designed for data center and cloud computing scenarios. DELL Enterprise SONiC OS suffers from a cryptographic key vulnerability that stems from a cryptographic key vulnerability in SSH, which can be exploite...

CVE-2025-38741

Dell Enterprise SONiC OS, version 4.5.0, contains a cryptographic key vulnerability in SSH. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to unauthorized access to communication...

CVE-2024-45765

Dell Enterprise SONiC OS, versions 4.1.x, 4.2.x, contains an Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution. This is a...

Dell Enterprise SONiC OS 安全漏洞

Dell Enterprise SONiC OS Dell Enterprise Sonic Operating System is an open-source network operating system from Dell USA. A security vulnerability exists in Dell Enterprise SONiC OS versions 4.1. x and 4.2.x, which stems from improper authentication and could lead to a protection mechanism bypass...

PT-2024-8974 · Dell · Dell Enterprise Sonic Os

Name of the Vulnerable Software and Affected Versions: Dell Enterprise SONiC OS versions 4.1.x through 4.2.x Description: The issue is related to an improper neutralization of special elements used in an OS command, which can be exploited by a high-privileged attacker with remote access to execut...

PT-2023-26863 · Sonicos · Sonicos

Name of the Vulnerable Software and Affected Versions: SonicOS affected versions not specified Description: The issue is a post-authentication Stack-Based Buffer Overflow vulnerability in the ssoStats-s.xml and ssoStats-s.wri URL endpoints, which can lead to a firewall crash. Recommendations: At...