Dell Unity vulnerabilities
61 known vulnerabilities affecting dell/unity.
Total CVEs
61
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL5HIGH36MEDIUM20
Vulnerabilities
Page 1 of 4
CVE-2026-21418HIGHCVSS 7.8≥ N/A, < 5.5.32026-01-30
CVE-2026-21418 [HIGH] CWE-78 CVE-2026-21418: Dell Unity, version(s) 5.5.2 and prior, contain(s) an Improper Neutralization of Special Elements us
Dell Unity, version(s) 5.5.2 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges.
cvelistv5nvd
CVE-2025-43939HIGHCVSS 7.8≥ N/A, < 5.5.22025-10-30
CVE-2025-43939 [HIGH] CWE-78 CVE-2025-43939: Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used
Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution and Elevation of privileges.
cvelistv5nvd
CVE-2025-43941HIGHCVSS 7.8≥ N/A, < 5.5.22025-10-30
CVE-2025-43941 [HIGH] CWE-78 CVE-2025-43941: Dell Unity, version(s) 5.5 and Prior, contain(s) an Improper Neutralization of Special Elements used
Dell Unity, version(s) 5.5 and Prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary command with root privileges. This vulnerability only affects systems without a valid
cvelistv5nvd
CVE-2025-46422HIGHCVSS 7.8≥ N/A, < 5.5.22025-10-30
CVE-2025-46422 [HIGH] CWE-78 CVE-2025-46422: Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements used
Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges.
cvelistv5nvd
CVE-2025-46423HIGHCVSS 7.8≥ N/A, < 5.5.22025-10-30
CVE-2025-46423 [HIGH] CWE-78 CVE-2025-46423: Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements used
Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability to execute arbitrary commands with root privileges.
cvelistv5nvd
CVE-2025-43940HIGHCVSS 7.8≥ N/A, < 5.5.22025-10-30
CVE-2025-43940 [HIGH] CWE-78 CVE-2025-43940: Dell Unity, version(s) 5.5 and Prior, contain(s) an Improper Neutralization of Special Elements used
Dell Unity, version(s) 5.5 and Prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution and Elevation of privileges.
cvelistv5nvd
CVE-2025-43942HIGHCVSS 7.8≥ N/A, < 5.5.22025-10-30
CVE-2025-43942 [HIGH] CWE-78 CVE-2025-43942: Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements used
Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution and Elevation of privileges.
cvelistv5nvd
CVE-2025-36604CRITICALCVSS 9.8PoC≥ N/A, < 5.5.12025-08-04
CVE-2025-36604 [HIGH] CWE-78 CVE-2025-36604: Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements used
Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution.
cvelistv5nvd
CVE-2025-36606HIGHCVSS 7.8≥ N/A, < 5.5.12025-08-04
CVE-2025-36606 [HIGH] CWE-78 CVE-2025-36606: Dell Unity, version(s) 5.5 and prior, contain(s) an OS Command Injection Vulnerability in its svc_nf
Dell Unity, version(s) 5.5 and prior, contain(s) an OS Command Injection Vulnerability in its svc_nfssupport utility. An authenticated attacker could potentially exploit this vulnerability, escaping the restricted shell and execute arbitrary operating system commands with root privileges.
cvelistv5nvd
CVE-2025-36607HIGHCVSS 7.8≥ N/A, < 5.5.12025-08-04
CVE-2025-36607 [HIGH] CWE-78 CVE-2025-36607: Dell Unity, version(s) 5.5 and prior, contain(s) an OS Command Injection Vulnerability in its svc_na
Dell Unity, version(s) 5.5 and prior, contain(s) an OS Command Injection Vulnerability in its svc_nas utility. An authenticated attacker could potentially exploit this vulnerability, escaping the restricted shell and execute arbitrary operating system commands with root privileges.
cvelistv5nvd
CVE-2025-36605MEDIUMCVSS 6.1≥ N/A, < 5.5.12025-08-04
CVE-2025-36605 [MEDIUM] CWE-79 CVE-2025-36605: Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Input During Web Page
Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'). An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading
cvelistv5nvd
CVE-2024-49601CRITICALCVSS 9.8≥ N/A, < 5.5.0.0.5.2592025-03-28
CVE-2024-49601 [HIGH] CWE-78 CVE-2024-49601: Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used
Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Command execution.
cvelistv5nvd
CVE-2025-22398CRITICALCVSS 9.8≥ N/A, < 5.5.0.0.5.2592025-03-28
CVE-2025-22398 [CRITICAL] CWE-78 CVE-2025-22398: Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used
Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution as root. Exploitation may lead to a system take over by an a
cvelistv5nvd
CVE-2025-24383CRITICALCVSS 9.1≥ N/A, < 5.5.0.0.5.2592025-03-28
CVE-2025-24383 [CRITICAL] CWE-78 CVE-2025-24383: Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used
Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability to delete arbitrary files. This vulnerability is considered critical as it can be leveraged to delet
cvelistv5nvd
CVE-2025-24380HIGHCVSS 7.8≥ N/A, < 5.5.0.0.5.2592025-03-28
CVE-2025-24380 [HIGH] CWE-78 CVE-2025-24380: Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used
Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution and Elevation of privileges.
cvelistv5nvd
CVE-2025-24378HIGHCVSS 7.8≥ N/A, < 5.5.0.0.5.2592025-03-28
CVE-2025-24378 [HIGH] CWE-78 CVE-2025-24378: Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used
Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution and Elevation of privileges.
cvelistv5nvd
CVE-2025-24386HIGHCVSS 7.8≥ N/A, < 5.5.0.0.5.2592025-03-28
CVE-2025-24386 [HIGH] CWE-78 CVE-2025-24386: Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used
Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution and Elevation of privileges.
cvelistv5nvd
CVE-2024-49565HIGHCVSS 7.8≥ N/A, < 5.5.0.0.5.2592025-03-28
CVE-2024-49565 [HIGH] CWE-78 CVE-2024-49565: Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used
Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution and Elevation of privileges.
cvelistv5nvd
CVE-2025-24385HIGHCVSS 7.8≥ N/A, < 5.5.0.0.5.2592025-03-28
CVE-2025-24385 [HIGH] CWE-78 CVE-2025-24385: Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used
Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution and Elevation of privileges.
cvelistv5nvd
CVE-2024-49563HIGHCVSS 7.8≥ N/A, < 5.5.0.0.5.2592025-03-28
CVE-2024-49563 [HIGH] CWE-78 CVE-2024-49563: Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used
Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to execution of arbitrary operating system commands with root privileges and elevation of privileg
cvelistv5nvd
1 / 4Next →