HIGH✓ PATCH🇵🇱 Wersja polska

CVE-2024-22461

CVSS 8.8v3.1pub. 2024-12-13upd. 2025-02-04

Dell RecoverPoint for Virtual Machines 6.0.x contains an OS Command injection vulnerability. A low privileged remote attacker could potentially exploit this vulnerability by running any command as root, leading to gaining of root-level access and compromise of complete system.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Dell Recoverpoint For Virtual Machines

    APP
    Dell
    6.0
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
Command Injection
CWE
References

Related vulnerabilities

CVE-2026-22769CRITICAL10.0⚠ KEVPL ✓ten sam produkt

Dell RecoverPoint for VMs — zahardkodowane dane uwierzytelniające (RCE, root)

CVE-2024-22426HIGH7.2ten sam produkt

Dell RecoverPoint for Virtual Machines 5.3.x, 6.0.SP1 contains an OS Command injection vulnerability. An unaut...

CVE-2025-21105MEDIUM6.6ten sam produkt

Dell RecoverPoint for Virtual Machines 6.0.X contains a command execution vulnerability. A Low privileged mali...

CVE-2025-21106MEDIUM5.5ten sam produkt

Dell Recover Point for Virtual Machines 6.0.X contains a Weak file system permission vulnerability. A low priv...

CVE-2024-28980MEDIUM6.5ten sam produkt

Dell RecoverPoint for VMs, version(s) 6.0.x contain(s) a Use of a Broken or Risky Cryptographic Algorithm vuln...