9 matches found
CVE-2025-21107
CVE-2025-21107 relates to an Unquoted Search Path or Element vulnerability in Dell NetWorker. Public sources in the connected documents show that Dell NetWorker versions prior to 19.11.0.3, and all 19.10 and earlier, are affected. The underlying issue is a path quoting flaw that could allow a low...
CVE-2025-21103
CVE-2025-21103 affects Dell NetWorker Management Console. The vulnerability is an improper neutralization of a server-side vulnerability allowing an unauthenticated, local attacker to potentially execute arbitrary code on the server. Affected versions: 19.11–19.11.0.3 and versions prior to 19.10....
CVE-2024-42422
Summary of findings (CVE-2024-42422) : The vulnerability is observed in Dell NetWorker 19.10 . It is an Authorization Bypass Through User-Controlled Key issue that allows an unauthenticated attacker with remote access to potentially cause information disclosure. The connected PT-Security entry ex...
CVE-2025-21104
Dell NetWorker (NMC) Open Redirect vulnerability (CVE-2025-21104) affects versions prior to 19.12.0.1 and prior to 19.11.0.4. An unauthenticated attacker with remote access could redirect a targeted application user to arbitrary URLs, enabling phishing to exfiltrate sensitive information. Connect...
CVE-2024-22432
Dell EMC NetWorker ( Networker) versions 19.9 and earlier store a plain-text password in a temporary configuration file during NMDA MySQL backups. This enables a low-privilege local attacker with access to the Networker Client system to potentially disclose credentials and use them to access the ...
CVE-2023-24568
Dell NetWorker (EMC Networker) is affected by an Improper Validation of Certificate with Host Mismatch in the RabbitMQ startup path, which could prevent replacing CA-signed certificates. The issue is tied to hostname validation for RabbitMQ, with the known remediation path citing Dell/NCSC guidan...
CVE-2023-28055
Dell EMC NetWorker client (Dell NetWorker 19.7) is affected by an improper authorization vulnerability. An unauthenticated adversary on the same network can manipulate commands to gain full access to server files, enabling information leaks, DoS, and arbitrary code execution. Affected versions pe...
CVE-2023-25539
Dell EMC NetWorker 19.6.1.2 contains an OS command injection vulnerability in the NetWorker client that could allow a remote, unauthenticated attacker to execute arbitrary OS commands with the affected application’s privileges. Multiple sources corroborate that affected versions include pre-19.6....
CVE-2025-36582
CVE-2025-36582 concerns Dell NetWorker, versions 19.12.0.1 and earlier, with a vulnerability titled “Selection of Less-Secure Algorithm During Negotiation (Algorithm Downgrade).” An unauthenticated attacker with remote access could potentially disclose information due to selecting a weaker algori...