HIGH✓ PATCH🇵🇱 Wersja polska

CVE-2024-25951

CVSS 8.0v3.1pub. 2024-03-09upd. 2025-01-31

A command injection vulnerability exists in local RACADM. A malicious authenticated user could gain control of the underlying operating system.

CVSS Vector
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Dell Idrac8

    APP
    Dell
    < 2.85.85.85
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
References

Related vulnerabilities

CVE-2020-5344HIGH7.0ten sam produkt

Dell EMC iDRAC7, iDRAC8 and iDRAC9 versions prior to 2.65.65.65, 2.70.70.70, 4.00.00.00 contain a stack-based ...

CVE-2016-5685HIGH8.8ten sam produkt

Dell iDRAC7 and iDRAC8 devices with firmware before 2.40.40.40 allow authenticated users to gain Bash shell ac...

CVE-2022-34436LOW2.7ten sam produkt

Dell iDRAC8 version 2.83.83.83 and prior contain an improper input validation vulnerability in Racadm when th...

CVE-2026-22769CRITICAL10.0⚠ KEVPL ✓ten sam vendor

Dell RecoverPoint for VMs — zahardkodowane dane uwierzytelniające (RCE, root)

CVE-2026-41120CRITICAL9.8PL ✓ten sam vendor

RCE w Dell Wyse Management Suite — akceptacja niezaufanych danych