PT-2026-39587 · Dell · Objectscale+1
Published
2026-05-10
·
Updated
2026-05-11
·
CVE-2026-35157
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Dell ECS versions 3.8.1.0 through 3.8.1.7
Dell ObjectScale versions prior to 4.3.0.0
Description
The user interface contains an improper neutralization of formula elements in CSV files. This allows an unauthenticated attacker with remote access to perform CSV Formula Injection, which could potentially lead to remote execution.
Recommendations
Update Dell ECS to a version later than 3.8.1.7.
Update Dell ObjectScale to version 4.3.0.0 or later.
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ecs
Objectscale