CVE-2025-36576

CWE-352 — Cross-Site Request Forgery (CSRF)3 documents3 sources

Severity

2.7LOW

EPSS

0.1%

top 67.30%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Dell Wyse Management Suite

Timeline

PublishedJun 10

Description

Dell Wyse Management Suite, versions prior to WMS 5.2, contain a Cross-Site Request Forgery (CSRF) vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Server-side request forgery.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:LExploitability: 1.2 | Impact: 1.4

Affected Packages2 packages

▶CVEListV5dell/wyse_management_suiteN/A — 5.2

▶NVDdell/wyse_management_suite< 5.2

🔴Vulnerability Details

CVEList

CVE-2025-36576: Dell Wyse Management Suite, versions prior to WMS 5↗2025-06-10

▶

GHSA

GHSA-rv7r-h58x-hgr3: Dell Wyse Management Suite, versions prior to WMS 5↗2025-06-10

▶