PT-2025-10052 · Dell · Dell Thinos
Published
2025-03-07
·
Updated
2025-03-08
·
CVE-2025-26331
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Dell ThinOS versions prior to 2411
Description
The issue is related to an Improper Neutralization of Special Elements used in a Command, also known as 'Command Injection'. This could allow a low-privileged attacker with local access to potentially exploit the issue, leading to arbitrary code execution.
Recommendations
For versions prior to 2411, update to a version newer than 2411 to resolve the issue.
Fix
Command Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Dell Thinos