Request a Demo
Rewterz
Multiple WordPress Plugins Vulnerabilities
March 19, 2025
Rewterz
Multiple Intel Products Vulnerabilities
March 19, 2025

Multiple Dell Products Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2024-48831 CVSS:8.4

Dell SmartFabric OS10 Software, contain(s) a Use of Hard-coded Password vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access.

CVE-2024-49559 CVSS:8.8

Dell SmartFabric OS10 Software, contain(s) an Use of Default Password vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access.

CVE-2024-48017 CVSS:6.5

Dell SmartFabric OS10 Software, contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Code execution.

CVE-2024-48015 CVSS:6.7

Dell SmartFabric OS10 Software, contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution.

CVE-2025-22474 CVSS:6.8

Dell SmartFabric OS10 Software, contain(s) a Server-Side Request Forgery (SSRF) vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Server-side request forgery.

CVE-2024-48830 CVSS:7.8

Dell SmartFabric OS10 Software, contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution.

CVE-2024-48013 CVSS:8.8

Dell SmartFabric OS10 Software, contain(s) an Execution with Unnecessary Privileges vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges.

CVE-2024-48828 CVSS:5.5

Dell SmartFabric OS10 Software, contain(s) an Improper Privilege Management vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access.

CVE-2025-21104 CVSS:4.3

Dell NetWorker, contain(s) an Open Redirect Vulnerability in NMC. An unauthenticated attacker with remoter access could potentially exploit this vulnerability, leading to a targeted application user being redirected to arbitrary web URLs. The vulnerability could be leveraged by attackers to conduct phishing attacks that cause users to divulge sensitive information.

Impact

  • Gain Access
  • Code Execution
  • Security Bypass
  • Privilege Escalation

Indicators of Compromise

CVE

  • CVE-2024-48831

  • CVE-2024-49559

  • CVE-2024-48017

  • CVE-2024-48015

  • CVE-2025-22474

  • CVE-2024-48830

  • CVE-2024-48013

  • CVE-2024-48828

  • CVE-2025-21104

Affected Vendors

  • Dell

Affected Products

  • Dell SmartFabric OS10 Software 10.5.6.x
  • Dell SmartFabric OS10 Software 10.5.5.x
  • Dell SmartFabric OS10 Software 10.6.0.x
  • Dell NetWorker 19.11.0.3
  • Dell SmartFabric OS10 Software 10.5.4.x

Remediation

Refer to Dell Security Advisory for patch, upgrade, or suggested workaround information.

Dell SmartFabric OS10 Software

Dell NetWorker