cbcvebase.
CVE-2025-36592
published 2025-10-30

CVE-2025-36592: Dell Secure Connect Gateway (SCG) Policy Manager, version(s) 5.20. 5.22, 5.24, 5.26, 5.28, contain(s) an Improper Neutralization of Input During Web Page…

PriorityP427medium5.4CVSS 3.1
AVNACLPRNUIRSUCLILAN
EPSS
0.19%
9.2th percentile
Dell Secure Connect Gateway (SCG) Policy Manager, version(s) 5.20. 5.22, 5.24, 5.26, 5.28, contain(s) an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Script injection.

Affected

2 ranges
VendorProductVersion rangeFixed in
dellpolicy_manager_for_secure_connect_gateway< 5.32.00.185.32.00.18
dellsecure_connect_gateway_scg_policy_manager>= N/A < 5.32.00.185.32.00.18
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.