Multiple WordPress Plugins Vulnerabilities
March 19, 2025Multiple Intel Products Vulnerabilities
March 19, 2025Multiple WordPress Plugins Vulnerabilities
March 19, 2025Multiple Intel Products Vulnerabilities
March 19, 2025Severity
Medium
Analysis Summary
CVE-2024-48831 CVSS:8.4
Dell SmartFabric OS10 Software, contain(s) a Use of Hard-coded Password vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access.
CVE-2024-49559 CVSS:8.8
Dell SmartFabric OS10 Software, contain(s) an Use of Default Password vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access.
CVE-2024-48017 CVSS:6.5
Dell SmartFabric OS10 Software, contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Code execution.
CVE-2024-48015 CVSS:6.7
Dell SmartFabric OS10 Software, contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution.
CVE-2025-22474 CVSS:6.8
Dell SmartFabric OS10 Software, contain(s) a Server-Side Request Forgery (SSRF) vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Server-side request forgery.
CVE-2024-48830 CVSS:7.8
Dell SmartFabric OS10 Software, contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution.
CVE-2024-48013 CVSS:8.8
Dell SmartFabric OS10 Software, contain(s) an Execution with Unnecessary Privileges vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges.
CVE-2024-48828 CVSS:5.5
Dell SmartFabric OS10 Software, contain(s) an Improper Privilege Management vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access.
CVE-2025-21104 CVSS:4.3
Dell NetWorker, contain(s) an Open Redirect Vulnerability in NMC. An unauthenticated attacker with remoter access could potentially exploit this vulnerability, leading to a targeted application user being redirected to arbitrary web URLs. The vulnerability could be leveraged by attackers to conduct phishing attacks that cause users to divulge sensitive information.
Impact
- Gain Access
- Code Execution
- Security Bypass
- Privilege Escalation
Indicators of Compromise
CVE
CVE-2024-48831
CVE-2024-49559
CVE-2024-48017
CVE-2024-48015
CVE-2025-22474
CVE-2024-48830
CVE-2024-48013
CVE-2024-48828
CVE-2025-21104
Affected Vendors
- Dell
Affected Products
- Dell SmartFabric OS10 Software 10.5.6.x
- Dell SmartFabric OS10 Software 10.5.5.x
- Dell SmartFabric OS10 Software 10.6.0.x
- Dell NetWorker 19.11.0.3
- Dell SmartFabric OS10 Software 10.5.4.x
Remediation
Refer to Dell Security Advisory for patch, upgrade, or suggested workaround information.