CVE-2024-22461
published 2024-12-13CVE-2024-22461: Dell RecoverPoint for Virtual Machines 6.0.x contains an OS Command injection vulnerability. A low privileged remote attacker could potentially exploit this…
PriorityP258high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EPSS
0.74%
50.0th percentile
Dell RecoverPoint for Virtual Machines 6.0.x contains an OS Command injection vulnerability. A low privileged remote attacker could potentially exploit this vulnerability by running any command as root, leading to gaining of root-level access and compromise of complete system.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| dell | recoverpoint_for_virtual_machines | — | — |
| dell | recoverpoint_for_virtual_machines | — | — |
| dell | recoverpoint_for_virtual_machines | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-pg94-fqwx-cjcv: Dell RecoverPoint for Virtual Machines 6
ghsa_unreviewed·2024-12-13
CVE-2024-22461 [HIGH] CWE-347 GHSA-pg94-fqwx-cjcv: Dell RecoverPoint for Virtual Machines 6
Dell RecoverPoint for Virtual Machines 6.0.x contains an OS Command injection vulnerability. A low privileged remote attacker could potentially exploit this vulnerability by running any command as root, leading to gaining of root-level access and compromise of complete system.
Ivanti
Ivanti Security Advisory: CVE-2025-22461
vendor_ivanti·2025-04-08·CVSS 7.2
CVE-2025-22461 [HIGH] CWE-89 Ivanti Security Advisory: CVE-2025-22461
Ivanti Security Advisory: CVE-2025-22461
SQL injection in Ivanti Endpoint Manager before version 2024 SU1 or before version 2022 SU7 allows a remote authenticated attacker with admin privileges to achieve code execution.
CVE IDs: CVE-2025-22461
CVSS Base Score: 7.2
Severity: HIGH
CWEs: CWE-89
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2024-12-13
Published