CVE-2025-36604

High CVSS 7.3

Overview

Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution.

CWE: CWE-78 Published: 2025-08-04T14:15:32.507

Risk analysis

This vulnerability is rated 🟠 HIGH.

CVSS: 7.3 (HIGH)
Detected tags: command_injection, unauth_access (tag impact: HIGH)

Recommended actions:

Enforce authentication/authorization; reduce default endpoint exposure.

Overview

Recommended tools

Tags