April 28, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Multiple WordPress Plugins Vulnerabilities
March 19, 2025Multiple Intel Products Vulnerabilities
March 19, 2025Multiple WordPress Plugins Vulnerabilities
March 19, 2025Multiple Intel Products Vulnerabilities
March 19, 2025
Severity
Medium
Analysis Summary
CVE-2024-48831 CVSS:8.4
Dell SmartFabric OS10 Software, contain(s) a Use of Hard-coded Password vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access.
CVE-2024-49559 CVSS:8.8
Dell SmartFabric OS10 Software, contain(s) an Use of Default Password vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access.
CVE-2024-48017 CVSS:6.5
Dell SmartFabric OS10 Software, contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Code execution.
CVE-2024-48015 CVSS:6.7
Dell SmartFabric OS10 Software, contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution.
CVE-2025-22474 CVSS:6.8
Dell SmartFabric OS10 Software, contain(s) a Server-Side Request Forgery (SSRF) vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Server-side request forgery.
CVE-2024-48830 CVSS:7.8
Dell SmartFabric OS10 Software, contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution.
CVE-2024-48013 CVSS:8.8
Dell SmartFabric OS10 Software, contain(s) an Execution with Unnecessary Privileges vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges.
CVE-2024-48828 CVSS:5.5
Dell SmartFabric OS10 Software, contain(s) an Improper Privilege Management vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access.
CVE-2025-21104 CVSS:4.3
Dell NetWorker, contain(s) an Open Redirect Vulnerability in NMC. An unauthenticated attacker with remoter access could potentially exploit this vulnerability, leading to a targeted application user being redirected to arbitrary web URLs. The vulnerability could be leveraged by attackers to conduct phishing attacks that cause users to divulge sensitive information.
Impact
- Gain Access
- Code Execution
- Security Bypass
- Privilege Escalation
Indicators of Compromise
CVE
CVE-2024-48831
CVE-2024-49559
CVE-2024-48017
CVE-2024-48015
CVE-2025-22474
CVE-2024-48830
CVE-2024-48013
CVE-2024-48828
CVE-2025-21104
Affected Vendors
- Dell
Affected Products
- Dell SmartFabric OS10 Software 10.5.6.x
- Dell SmartFabric OS10 Software 10.5.5.x
- Dell SmartFabric OS10 Software 10.6.0.x
- Dell NetWorker 19.11.0.3
- Dell SmartFabric OS10 Software 10.5.4.x
Remediation
Refer to Dell Security Advisory for patch, upgrade, or suggested workaround information.
