Dell Recoverpoint For Virtual Machines vulnerabilities
13 known vulnerabilities affecting dell/recoverpoint_for_virtual_machines.
Total CVEs
13
CISA KEV
1
actively exploited
Public exploits
0
Exploited in wild
1
Severity breakdown
CRITICAL6HIGH2MEDIUM5
Vulnerabilities
Page 1 of 1
CVE-2026-22769P1CRITICALCVSS 10.0KEVfixed in 6.0v6.0+2 more2026-02-17
CVE-2026-22769 [CRITICAL] CWE-798 CVE-2026-22769: Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a hardcoded credentia
Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a hardcoded credential vulnerability. This is considered critical as an unauthenticated remote attacker with knowledge of the hardcoded credential could potentially exploit this vulnerability leading to unauthorized access to the underlying operating system and root-lev
nvd
CVE-2024-22426P2CRITICALCVSS 9.8v5.3v6.02024-02-16
CVE-2024-22426 [CRITICAL] CWE-434 CVE-2024-22426: Dell RecoverPoint for Virtual Machines 5.3.x, 6.0.SP1 contains an OS Command injection vulnerability
Dell RecoverPoint for Virtual Machines 5.3.x, 6.0.SP1 contains an OS Command injection vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to execute arbitrary operating system commands, which will get executed in the context of the root user, resulting in a complete system compromise.
nvd
CVE-2024-28980P3CRITICALCVSS 9.8v6.0v6.0 SP1+1 more2024-12-13
CVE-2024-28980 [CRITICAL] CWE-327 CVE-2024-28980: Dell RecoverPoint for VMs, version(s) 6.0.x contain(s) a Use of a Broken or Risky Cryptographic Algo
Dell RecoverPoint for VMs, version(s) 6.0.x contain(s) a Use of a Broken or Risky Cryptographic Algorithm vulnerability in the SSH. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Remote execution.
nvd
CVE-2024-48007P2CRITICALCVSS 9.8v6.0v6.0 SP1+1 more2024-12-13
CVE-2024-48007 [CRITICAL] CWE-798 CVE-2024-48007: Dell RecoverPoint for Virtual Machines 6.0.x contains use of hard-coded credentials vulnerability. A
Dell RecoverPoint for Virtual Machines 6.0.x contains use of hard-coded credentials vulnerability. A Remote unauthenticated attacker could potentially exploit this vulnerability by gaining access to the source code, easily retrieving these secrets and reusing them to access the system leading to gaining access to unauthorized data.
nvd
CVE-2024-22461P2HIGHCVSS 8.8v6.0v6.0 SP1+1 more2024-12-13
CVE-2024-22461 [HIGH] CWE-347 CVE-2024-22461: Dell RecoverPoint for Virtual Machines 6.0.x contains an OS Command injection vulnerability. A low p
Dell RecoverPoint for Virtual Machines 6.0.x contains an OS Command injection vulnerability. A low privileged remote attacker could potentially exploit this vulnerability by running any command as root, leading to gaining of root-level access and compromise of complete system.
nvd
CVE-2024-38488P3CRITICALCVSS 9.8v6.0v6.0 SP1+1 more2024-12-13
CVE-2024-38488 [CRITICAL] CWE-307 CVE-2024-38488: Dell RecoverPoint for Virtual Machines 6.0.x contains a vulnerability. An improper Restriction of Ex
Dell RecoverPoint for Virtual Machines 6.0.x contains a vulnerability. An improper Restriction of Excessive Authentication vulnerability where a Network attacker could potentially exploit this vulnerability, leading to a brute force attack or a dictionary attack against the RecoverPoint login form and a complete system compromise.
This allows atta
nvd
CVE-2024-22425P3CRITICALCVSS 9.8v5.3v6.02024-02-16
CVE-2024-22425 [CRITICAL] CWE-307 CVE-2024-22425: Dell RecoverPoint for Virtual Machines 5.3.x, 6.0.SP1 contains a brute force/dictionary attack vulne
Dell RecoverPoint for Virtual Machines 5.3.x, 6.0.SP1 contains a brute force/dictionary attack vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to launch a brute force attack or a dictionary attack against the RecoverPoint login form. This allows attackers to brute-force the password of valid
nvd
CVE-2025-21105P3HIGHCVSS 7.8v6.02025-02-20
CVE-2025-21105 [HIGH] CWE-284 CVE-2025-21105: Dell RecoverPoint for Virtual Machines 6.0.X contains a command execution vulnerability. A Low privi
Dell RecoverPoint for Virtual Machines 6.0.X contains a command execution vulnerability. A Low privileged malicious user with local access could potentially exploit this vulnerability by running the specific binary and perform any administrative action permitted by it resulting in shutting down the server, modifying the configuration leading to gain a
nvd
CVE-2024-48008P3MEDIUMCVSS 6.5v6.0v6.0 SP1+1 more2024-12-13
CVE-2024-48008 [MEDIUM] CWE-11 CVE-2024-48008: Dell RecoverPoint for Virtual Machines 6.0.x contains a OS Command Injection vulnerability. An Low p
Dell RecoverPoint for Virtual Machines 6.0.x contains a OS Command Injection vulnerability. An Low privileged remote attacker could potentially exploit this vulnerability leading to information disclosure ,allowing of unintended actions like reading files that may contain sensitive information
nvd
CVE-2019-3727P4MEDIUMCVSS 6.7fixed in 5.2.0.22019-05-15
CVE-2019-3727 [MEDIUM] CWE-78 CVE-2019-3727: Dell EMC RecoverPoint versions prior to 5.1.3 and RecoverPoint for VMs versions prior to 5.2.0.2 con
Dell EMC RecoverPoint versions prior to 5.1.3 and RecoverPoint for VMs versions prior to 5.2.0.2 contain an OS command injection vulnerability in the installation feature of Boxmgmt CLI. A malicious boxmgmt user may potentially be able to execute arbitrary commands as root.
nvd
CVE-2024-47984P4MEDIUMCVSS 6.5v6.0v6.0 SP1+1 more2024-12-13
CVE-2024-47984 [MEDIUM] CWE-790 CVE-2024-47984: Dell RecoverPoint for Virtual Machines 6.0.x contains Denial of Service vulnerability. A User with R
Dell RecoverPoint for Virtual Machines 6.0.x contains Denial of Service vulnerability. A User with Remote access could potentially exploit this vulnerability, leading to the disruption of most functionalities of the RPA persistent after reboot, resulting in need of technical support intervention in getting system back to stable state.
nvd
CVE-2024-24902P4MEDIUMCVSS 5.5v6.0v6.0 SP1+1 more2024-12-13
CVE-2024-24902 [MEDIUM] CWE-284 CVE-2024-24902: Dell RecoverPoint for Virtual Machines 6.0.x contains an Improper access control vulnerability. A lo
Dell RecoverPoint for Virtual Machines 6.0.x contains an Improper access control vulnerability. A low privileged local attacker could potentially exploit this vulnerability leading to gaining access to unauthorized data for a limited time.
nvd
CVE-2025-21106P4MEDIUMCVSS 5.5v6.02025-02-20
CVE-2025-21106 [MEDIUM] CWE-276 CVE-2025-21106: Dell Recover Point for Virtual Machines 6.0.X contains a Weak file system permission vulnerability.
Dell Recover Point for Virtual Machines 6.0.X contains a Weak file system permission vulnerability. A low privileged Local attacker could potentially exploit this vulnerability, leading to impacting only non-sensitive resources in the system.
nvd