CVE-2025-36608

Medium CVSS 6.5

Overview

Dell SmartFabric OS10 Software, versions prior to 10.6.0.5, contains an Improper Restriction of XML External Entity Reference vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access.

CWE: CWE-611 Published: 2025-07-30T19:15:47.840

Risk analysis

This vulnerability is rated 🟡 MEDIUM.

CVSS: 6.5 (MEDIUM)
Detected tags: unauth_access, xxe (tag impact: HIGH)

Recommended actions:

Enforce authentication/authorization; reduce default endpoint exposure.
Disable external entities in XML parsers; use safe libraries.

Overview

Recommended tools

Tags