CVE-2025-36607
published 2025-08-04CVE-2025-36607: Dell Unity, version(s) 5.5 and prior, contain(s) an OS Command Injection Vulnerability in its svc_nas utility. An authenticated attacker could potentially…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
Dell Unity, version(s) 5.5 and prior, contain(s) an OS Command Injection Vulnerability in its svc_nas utility. An authenticated attacker could potentially exploit this vulnerability, escaping the restricted shell and execute arbitrary operating system commands with root privileges.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| dell | unity | >= N/A < 5.5.1 | 5.5.1 |
| dell | unity_operating_environment | < 5.5.1.0 | 5.5.1.0 |