HIGH✓ PATCH🇬🇧 English

CVE-2024-22426

CVSS 7.2v3.1pub. 2024-02-16upd. 2025-01-23

Dell RecoverPoint for Virtual Machines 5.3.x, 6.0.SP1 contains an OS Command injection vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to execute arbitrary operating system commands, which will get executed in the context of the root user, resulting in a complete system compromise.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • Dell Recoverpoint For Virtual Machines

    APP
    Dell
    5.36.0
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
Command Injection
CWE
Referencje

Powiązane podatności

CVE-2026-22769CRITICAL10.0⚠ KEVPL ✓ten sam produkt

Dell RecoverPoint for VMs — zahardkodowane dane uwierzytelniające (RCE, root)

CVE-2024-22461HIGH8.8ten sam produkt

Dell RecoverPoint for Virtual Machines 6.0.x contains an OS Command injection vulnerability. A low privileged ...

CVE-2025-21105MEDIUM6.6ten sam produkt

Dell RecoverPoint for Virtual Machines 6.0.X contains a command execution vulnerability. A Low privileged mali...

CVE-2025-21106MEDIUM5.5ten sam produkt

Dell Recover Point for Virtual Machines 6.0.X contains a Weak file system permission vulnerability. A low priv...

CVE-2024-28980MEDIUM6.5ten sam produkt

Dell RecoverPoint for VMs, version(s) 6.0.x contain(s) a Use of a Broken or Risky Cryptographic Algorithm vuln...