cbcvebase.

Dell Networker vulnerabilities

19 known vulnerabilities affecting dell/networker.

Total CVEs
19
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH6MEDIUM12

Vulnerabilities

Page 1 of 1
CVE-2023-25539P2CRITICALCVSS 9.8fixed in 19.7.0.4v19.7.12023-05-31
CVE-2023-25539 [CRITICAL] CWE-94 CVE-2023-25539: Dell NetWorker 19.6.1.2, contains an OS command injection Vulnerability in the NetWorker client. A Dell NetWorker 19.6.1.2, contains an OS command injection Vulnerability in the NetWorker client. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application. This is a high severity vulnerability
nvd
CVE-2023-28055P3HIGHCVSS 8.8≥ 19.7, < 19.7.0.5≥ 19.8, < 19.8.0.3+6 more2023-09-27
CVE-2023-28055 [HIGH] CWE-285 CVE-2023-28055: Dell NetWorker, Version 19.7 has an improper authorization vulnerability in the NetWorker client. A Dell NetWorker, Version 19.7 has an improper authorization vulnerability in the NetWorker client. An unauthenticated attacker within the same network could potentially exploit this by manipulating a command leading to gain of complete access to the server file further resulting in information leaks, denial of service, and arbitrary code execution. Dell
nvd
CVE-2024-42422P3HIGHCVSS 7.5fixed in 19.10.0.6≥ 19.11, < 19.11.0.3+2 more2024-12-03
CVE-2024-42422 [HIGH] CWE-639 CVE-2024-42422: Dell NetWorker, version(s) 19.10, contain(s) an Authorization Bypass Through User-Controlled Key vul Dell NetWorker, version(s) 19.10, contain(s) an Authorization Bypass Through User-Controlled Key vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure.
nvd
CVE-2025-36582P3HIGHCVSS 7.5fixed in 19.13≥ N/A, < 19.132025-07-01
CVE-2025-36582 [HIGH] CWE-757 CVE-2025-36582: Dell NetWorker, versions 19.12.0.1 and prior, contains a Selection of Less-Secure Algorithm During N Dell NetWorker, versions 19.12.0.1 and prior, contains a Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure.
nvd
CVE-2025-21107P3HIGHCVSS 7.8fixed in 19.11.0.3≥ 19.11, ≤ 19.11.0.2+2 more2025-01-30
CVE-2025-21107 [HIGH] CWE-428 CVE-2025-21107: Dell NetWorker, version(s) prior to 19.11.0.3, all versions of 19.10 & prior versions contain(s) an Dell NetWorker, version(s) prior to 19.11.0.3, all versions of 19.10 & prior versions contain(s) an Unquoted Search Path or Element vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.
nvd
CVE-2025-21103P3HIGHCVSS 7.8fixed in 19.10.0.7≥ 19.11, ≤ 19.11.0.32025-02-17
CVE-2025-21103 [HIGH] CWE-97 CVE-2025-21103: Dell NetWorker Management Console, version(s) 19.11 through 19.11.0.3 & Versions prior to 19.10.0.7 Dell NetWorker Management Console, version(s) 19.11 through 19.11.0.3 & Versions prior to 19.10.0.7 contain(s) an improper neutralization of server-side vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability and run arbitrary code on the server.
nvd
CVE-2021-36311P3HIGHCVSS 7.8≥ unspecified, < 19.52021-11-23
CVE-2021-36311 [HIGH] CWE-285 CVE-2021-36311: Dell EMC Networker versions prior to 19.5 contain an Improper Authorization vulnerability. Any local Dell EMC Networker versions prior to 19.5 contain an Improper Authorization vulnerability. Any local malicious user with networker user privileges may exploit this vulnerability to upload malicious file to unauthorized locations and execute it.
nvd
CVE-2020-26183P3MEDIUMCVSS 6.5≥ unspecified, < 19.3.0.22020-10-16
CVE-2020-26183 [MEDIUM] CWE-285 CVE-2020-26183: Dell EMC NetWorker versions prior to 19.3.0.2 contain an improper authorization vulnerability. Certa Dell EMC NetWorker versions prior to 19.3.0.2 contain an improper authorization vulnerability. Certain remote users with low privileges may exploit this vulnerability to perform 'nsrmmdbd' operations in an unintended manner.
nvd
CVE-2020-26182P3MEDIUMCVSS 6.5≥ unspecified, < 19.3.0.22020-10-16
CVE-2020-26182 [MEDIUM] CWE-266 CVE-2020-26182: Dell EMC NetWorker versions prior to 19.3.0.2 contain an incorrect privilege assignment vulnerabilit Dell EMC NetWorker versions prior to 19.3.0.2 contain an incorrect privilege assignment vulnerability. A non-LDAP remote user with low privileges may exploit this vulnerability to perform 'saveset' related operations in an unintended manner. The vulnerability is not exploitable by users authenticated via LDAP.
nvd
CVE-2025-21104P4MEDIUMCVSS 6.5fixed in 19.11.0.4v19.12+2 more2025-03-13
CVE-2025-21104 [MEDIUM] CWE-601 CVE-2025-21104: Dell NetWorker, versions prior to 19.11.0.4 and version 19.12, contains an URL Redirection to Untrus Dell NetWorker, versions prior to 19.11.0.4 and version 19.12, contains an URL Redirection to Untrusted Site ('Open Redirect') Vulnerability in NetWorker Management Console. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to a targeted application user being redirected to arbitrary web URLs. The v
nvd
CVE-2024-22432P4MEDIUMCVSS 6.5≤ 19.92024-01-25
CVE-2024-22432 [MEDIUM] CWE-256 CVE-2024-22432: Networker 19.9 and all prior versions contains a Plain-text Password stored in temporary config fil Networker 19.9 and all prior versions contains a Plain-text Password stored in temporary config file during backup duration in NMDA MySQL Database backups. User has low privilege access to Networker Client system could potentially exploit this vulnerability, leading to the disclosure of configured MySQL Database user credentials. The attacker may be
nvd
CVE-2021-21600P4MEDIUMCVSS 6.5≥ unspecified, < 19.52021-08-10
CVE-2021-21600 [MEDIUM] CWE-772 CVE-2021-21600: Dell EMC NetWorker, 19.4 or older, contain an uncontrolled resource consumption flaw in its API serv Dell EMC NetWorker, 19.4 or older, contain an uncontrolled resource consumption flaw in its API service. An authorized API user could potentially exploit this vulnerability via the web and desktop user interfaces, leading to denial of service in the manageability path.
nvd
CVE-2021-21569P4MEDIUMCVSS 4.9v18.x, 19.x2021-09-28
CVE-2021-21569 [MEDIUM] CWE-78 CVE-2021-21569: Dell NetWorker, versions 18.x and 19.x contain a Path traversal vulnerability. A NetWorker server us Dell NetWorker, versions 18.x and 19.x contain a Path traversal vulnerability. A NetWorker server user with remote access to NetWorker clients may potentially exploit this vulnerability and gain access to unauthorized information.
nvd
CVE-2021-21559P4MEDIUMCVSS 5.3≥ unspecified, < 19.4.0.22021-06-08
CVE-2021-21559 [MEDIUM] CWE-295 CVE-2021-21559: Dell EMC NetWorker, versions 18.x, 19.1.x, 19.2.x 19.3.x, 19.4, and 19.4.0.1 contain an Improper Cer Dell EMC NetWorker, versions 18.x, 19.1.x, 19.2.x 19.3.x, 19.4, and 19.4.0.1 contain an Improper Certificate Validation vulnerability in the client (NetWorker Management Console) components which uses SSL encrypted connection in order to communicate with the application server. An unauthenticated attacker in the same network collision domain as the
nvd
CVE-2021-21570P4MEDIUMCVSS 4.9v18.x, 19.x2021-09-28
CVE-2021-21570 [MEDIUM] CWE-78 CVE-2021-21570: Dell NetWorker, versions 18.x and 19.x contain an Information disclosure vulnerability. A NetWorker Dell NetWorker, versions 18.x and 19.x contain an Information disclosure vulnerability. A NetWorker server user with remote access to NetWorker clients may potentially exploit this vulnerability and gain access to unauthorized information.
nvd
CVE-2021-21546P4MEDIUMCVSS 5.5≥ unspecified, < 19.3.0.42021-07-29
CVE-2021-21546 [MEDIUM] CWE-532 CVE-2021-21546: Dell EMC NetWorker versions 18.x,19.x prior to 19.3.0.4 and 19.4.0.0 contain an Information Disclosu Dell EMC NetWorker versions 18.x,19.x prior to 19.3.0.4 and 19.4.0.0 contain an Information Disclosure in Log Files vulnerability. A local low-privileged user of the Networker server could potentially exploit this vulnerability to read plain-text credentials from server log files.
nvd
CVE-2022-29082P4MEDIUMCVSS 4.6≥ unspecified, < 19.6.0.32022-05-26
CVE-2022-29082 [MEDIUM] CWE-297 CVE-2022-29082: Dell EMC NetWorker versions 19.1.x, 19.1.0.x, 19.1.1.x, 19.2.x, 19.2.0.x, 19.2.1.x 19.3.x, 19.3.0.x, Dell EMC NetWorker versions 19.1.x, 19.1.0.x, 19.1.1.x, 19.2.x, 19.2.0.x, 19.2.1.x 19.3.x, 19.3.0.x, 19.4.x, 19.4.0.x, 19.5.x,19.5.0.x, 19.6 and 19.6.0.1 and 19.6.0.2 contain an Improper Validation of Certificate with Host Mismatch vulnerability in Rabbitmq port 5671 which could allow remote attackers to spoof certificates.
nvd
CVE-2023-24568P4MEDIUMCVSS 4.3≤ 19.7.0.3v19.7.1+2 more2023-05-30
CVE-2023-24568 [MEDIUM] CWE-297 CVE-2023-24568: Dell NetWorker, contains an Improper Validation of Certificate with Host Mismatch vulnerability in Dell NetWorker, contains an Improper Validation of Certificate with Host Mismatch vulnerability in Rabbitmq port which could disallow replacing CA signed certificates.
nvd
CVE-2021-21558P4MEDIUMCVSS 4.4≥ unspecified, < 19.4.0.22021-06-08
CVE-2021-21558 [MEDIUM] CWE-532 CVE-2021-21558: Dell EMC NetWorker, 18.x, 19.1.x, 19.2.x 19.3.x, 19.4 and 19.4.0.1, contains an Information Disclosu Dell EMC NetWorker, 18.x, 19.1.x, 19.2.x 19.3.x, 19.4 and 19.4.0.1, contains an Information Disclosure vulnerability. A local administrator of the gstd system may potentially exploit this vulnerability to read LDAP credentials from local logs and use the stolen credentials to make changes to the network domain.
nvd
Dell Networker vulnerabilities | cvebase