N/A

Dell Unity, version(s) 5.5 and prior, contain(s) an OS Command Injection Vulnerability in its svc_nfssupport utility. An authenticated attacker could potentially exploit this vulnerability, escaping the restricted shell and execute arbitrary operating system commands with root privileges.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

OS命令中使用的特殊元素转义处理不恰当(OS命令注入)

Dell Unity 操作系统命令注入漏洞

Dell Unity是美国戴尔（Dell）公司的一套虚拟Unity存储环境。 Dell Unity 5.5及之前版本存在操作系统命令注入漏洞，该漏洞源于svc_nfssupport实用程序中的OS命令注入，可能导致执行任意命令。

N/A

N/A