10 matches found
CVE-2026-22271
CVE-2026-22271 affects Dell ECS (versions 3.8.1.0–3.8.1.7) and Dell ObjectScale (versions prior to 4.2.0.0). The issue is cleartext transmission of sensitive information accessible via remote, unauthenticated access, potentially exposing data. Exploitation appears to be network-based with high im...
CVE-2026-22271
Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versions prior to 4.2.0.0, contains a Cleartext Transmission of Sensitive Information vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to information exposure...
DELL Cloud Disaster Recovery OS Command Injection Vulnerability
DELL Cloud Disaster Recovery is a cloud disaster recovery solution provided by Dell Technologies. DELL Cloud Disaster Recovery suffers from an OS command injection vulnerability that stems from improper neutralization of special elements in OS commands, which can be exploited by an attacker to...
CVE-2025-43943
Dell Cloud Disaster Recovery, versions prior to 19.20, contains an Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with...
CVE-2025-43943
Dell Cloud Disaster Recovery, versions prior to 19.20, contains an Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with...
CVE-2025-43943
Dell Cloud Disaster Recovery, versions prior to 19.20, contains an Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with...
CVE-2025-43943
Dell Cloud Disaster Recovery, versions prior to 19.20, contains an Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with...
CVE-2025-43943
CVE-2025-43943 concerns Dell Cloud Disaster Recovery. Affected: Dell Cloud Disaster Recovery versions prior to 19.20. Issue: Improper Neutralization of Special Elements in OS Commands (OS Command Injection) allowing a high-privilege local attacker to execute arbitrary commands with root privilege...
PT-2025-39410
Name of the Vulnerable Software and Affected Versions Dell Cloud Disaster Recovery versions prior to 19.20 Description Dell Cloud Disaster Recovery contains an Improper Neutralization of Special Elements used in an OS Command, also known as OS Command Injection. A high privileged attacker with...
CVE-2025-26476
Dell ECS versions prior to 3.8.1.5/ ObjectScale version 4.0.0.0, contain a Use of Hard-coded Cryptographic Key vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access...