CVE-2025-36592
published 2025-10-30CVE-2025-36592: Dell Secure Connect Gateway (SCG) Policy Manager, version(s) 5.20. 5.22, 5.24, 5.26, 5.28, contain(s) an Improper Neutralization of Input During Web Page…
PriorityP427medium5.4CVSS 3.1
AVNACLPRNUIRSUCLILAN
EPSS
0.19%
9.2th percentile
Dell Secure Connect Gateway (SCG) Policy Manager, version(s) 5.20. 5.22, 5.24, 5.26, 5.28, contain(s) an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Script injection.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| dell | policy_manager_for_secure_connect_gateway | < 5.32.00.18 | 5.32.00.18 |
| dell | secure_connect_gateway_scg_policy_manager | >= N/A < 5.32.00.18 | 5.32.00.18 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2025-10-30
Published