CVE-2026-22762 — Path Traversal in Dell Avamar Server

CWE-22 — Path Traversal3 documents3 sources

Severity

6.5MEDIUMNVD

EPSS

0.1%

top 82.16%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Dell Avamar Server Dell Avamar Virtual Edition Dell Powerprotect DP Series Appliance

Timeline

PublishedFeb 17

Description

Dell Avamar Server and Avamar Virtual Edition, versions prior to 19.10 SP1 with CHF338912, contain an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the Security. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to arbitrary file delete.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:HExploitability: 1.2 | Impact: 5.2

Affected Packages3 packages

▶CVEListV5dell/avamar_virtual_edition19.9 through 19.10 SP1 — 19.10 SP1 with CHF 338912 or later

▶CVEListV5dell/avamar_server19.9 through 19.10 SP1 — 19.10 SP1 with CHF 338912 or later

▶CVEListV5dell/powerprotect_dp_series_applianceN/A — 2.7.9 with AV CHF 338912

🔴Vulnerability Details

CVEList

CVE-2026-22762: Dell Avamar Server and Avamar Virtual Edition, versions prior to 19↗2026-02-17

▶

GHSA

GHSA-cc8m-46cg-cg54: Dell Avamar Server and Avamar Virtual Edition, versions prior to 19↗2026-02-17

▶