CRITICAL✓ PATCH🇵🇱 Wersja polska

CVE-2025-45378

CVSS 9.1v3.1pub. 2025-11-05upd. 2025-11-07

Dell CloudLink, versions 8.0 through 8.1.2, contain vulnerability on restricted shell. A Privileged user with known password can break into command shell of CloudLink server and gain access of shell and escalate privilege, gain unauthorized access of system. If ssh is enabled with web credentials of server, attack is possible through network with known privileged user/password.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
  • Dell Cloudlink

    APP
    Dell
    8.0 – 8.1.2
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
Command Injection
CWE
References

Related vulnerabilities

CVE-2025-46364CRITICAL9.1PL ✓ten sam produkt

Dell CloudLink — CLI Escape umożliwia przejęcie kontroli nad systemem

CVE-2022-34380CRITICAL9.3ten sam produkt

Dell CloudLink 7.1.3 and all earlier versions contain an Authentication Bypass Using an Alternate Path or Chan...

CVE-2022-34379CRITICAL9.4ten sam produkt

Dell EMC CloudLink 7.1.2 and all prior versions contain an Authentication Bypass Vulnerability. A remote attac...

CVE-2021-36312CRITICAL9.1ten sam produkt

Dell EMC CloudLink 7.1 and all prior versions contain a Hard-coded Password Vulnerability. A remote high privi...

CVE-2021-36313CRITICAL9.1ten sam produkt

Dell EMC CloudLink 7.1 and all prior versions contain an OS command injection Vulnerability. A remote high pri...