Name of the Vulnerable Software and Affected Versions:

Dell Unity versions 5.5 and prior

Description:

Dell Unity’s `svc nas` utility contains an OS Command Injection issue. An authenticated attacker could potentially exploit this, escaping the restricted shell and executing arbitrary operating system commands with root privileges.

Recommendations:

At the moment, there is no information about a newer version that contains a fix for this vulnerability.