HIGH✓ PATCH🇵🇱 Wersja polska

CVE-2025-46428

CVSS 8.8v3.1pub. 2025-11-12upd. 2025-11-17

Dell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Code execution.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Dell Smartfabric Os10

    OS
    Dell
    < 10.6.1.0
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2023-28078CRITICAL9.1PL ✓ten sam produkt

Podatność zeroMQ w Dell OS10 — ujawnienie danych i DoS przy konfiguracji VLT

CVE-2023-32462CRITICAL9.8PL ✓ten sam produkt

Dell SmartFabric OS10 — command injection przy zdalnym uwierzytelnianiu

CVE-2025-46427HIGH8.8ten sam produkt

Dell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Neutralization of Special Elem...

CVE-2024-48830HIGH7.8ten sam produkt

Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Improper Neut...

CVE-2024-48013HIGH8.8ten sam produkt

Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Execution wit...