CRITICAL🇵🇱 Wersja polska

CVE-2021-36313

CVSS 9.1v3.1pub. 2021-11-23upd. 2024-11-21

Dell EMC CloudLink 7.1 and all prior versions contain an OS command injection Vulnerability. A remote high privileged attacker, may potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application. Exploitation may lead to a system take over by an attacker. This vulnerability is considered critical as it may be leveraged to completely compromise the vulnerable application as well as the underlying operating system. Dell recommends customers to upgrade at the earliest opportunity.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
  • Dell Cloudlink

    APP
    Dell
    < 7.1.1
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Command Injection
CWE
References

Related vulnerabilities

CVE-2025-45378CRITICAL9.1PL ✓ten sam produkt

Dell CloudLink: command injection przez ucieczkę z restricted shell

CVE-2025-46364CRITICAL9.1PL ✓ten sam produkt

Dell CloudLink — CLI Escape umożliwia przejęcie kontroli nad systemem

CVE-2022-34379CRITICAL9.4ten sam produkt

Dell EMC CloudLink 7.1.2 and all prior versions contain an Authentication Bypass Vulnerability. A remote attac...

CVE-2022-34380CRITICAL9.3ten sam produkt

Dell CloudLink 7.1.3 and all earlier versions contain an Authentication Bypass Using an Alternate Path or Chan...

CVE-2021-36312CRITICAL9.1ten sam produkt

Dell EMC CloudLink 7.1 and all prior versions contain a Hard-coded Password Vulnerability. A remote high privi...