CVE-2025-22476

CVSS v3.1

8.0

High

Vector

AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Dell Storage Center - Dell Storage Manager version 20.1.20

Description The issue is related to an Improper Neutralization of Special Elements used in a Command, also known as 'Command Injection'. This could allow a low-privileged attacker with adjacent network access to potentially exploit the issue, leading to remote execution.

Recommendations For version 20.1.20, update to a version that contains a fix for this issue to prevent command injection attacks. As a temporary workaround, consider restricting access to the Dell Storage Manager to minimize the risk of exploitation.

Fix

OS Command Injection

Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-78CWE-77

Related Identifiers

BDU:2025-06845

CVE-2025-22476

Affected Products

Dell Storage Center

Dell Storage Manager

CVE-2025-22476

Weakness Enumeration

Related Identifiers

Affected Products

References · 9