HIGH✓ PATCH🇵🇱 Wersja polska

CVE-2024-22426

CVSS 7.2v3.1pub. 2024-02-16upd. 2025-01-23

Dell RecoverPoint for Virtual Machines 5.3.x, 6.0.SP1 contains an OS Command injection vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to execute arbitrary operating system commands, which will get executed in the context of the root user, resulting in a complete system compromise.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • Dell Recoverpoint For Virtual Machines

    APP
    Dell
    5.36.0
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
Command Injection
CWE
References

Related vulnerabilities

CVE-2026-22769CRITICAL10.0⚠ KEVPL ✓ten sam produkt

Dell RecoverPoint for VMs — zahardkodowane dane uwierzytelniające (RCE, root)

CVE-2024-22461HIGH8.8ten sam produkt

Dell RecoverPoint for Virtual Machines 6.0.x contains an OS Command injection vulnerability. A low privileged ...

CVE-2025-21105MEDIUM6.6ten sam produkt

Dell RecoverPoint for Virtual Machines 6.0.X contains a command execution vulnerability. A Low privileged mali...

CVE-2025-21106MEDIUM5.5ten sam produkt

Dell Recover Point for Virtual Machines 6.0.X contains a Weak file system permission vulnerability. A low priv...

CVE-2024-28980MEDIUM6.5ten sam produkt

Dell RecoverPoint for VMs, version(s) 6.0.x contain(s) a Use of a Broken or Risky Cryptographic Algorithm vuln...

CVE-2024-22426 — Dell — Recoverpoint For Virtual Machines — HIGH — CVSS 7.2 | CVEbaza.pl