Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
DELL EMC Avamar Server, versions 19.1, 19.2, 19.3, contain an OS Command Injection Vulnerability in Fitness Analyzer. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS with high privileges. This vulnerability is considered critical as it can be leveraged to completely compromise the vulnerable application as well as the underlying operating system. Dell recommends customers to upgrade at the earliest opportunity.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
DELL Dell EMC Avamar Server 操作系统命令注入漏洞
Vulnerability Description
DELL Dell EMC Avamar Server是美国戴尔(DELL)公司的一套用于服务器的完全虚拟化的备份和恢复软件。 DELL EMC Avamar Server, versions 19.1, 19.2, 19.3 存在操作系统命令注入漏洞,该漏洞源于未经身份验证的远程攻击者在应用程序的底层操作系统上执行任意操作系统命令。
CVSS Information
N/A
Vulnerability Type
N/A