Sign in Get started

← All advisories

High severity8.8NVD Advisory· Published Nov 29, 2016· Updated May 6, 2026

CVE-2016-5685

CVE-2016-5685

Description

Dell iDRAC7 and iDRAC8 devices with firmware before 2.40.40.40 allow authenticated users to gain Bash shell access through a string injection.

Affected products

3

Dell/Idrac7 Firmware
cpe:2.3:o:dell:idrac7_firmware:*:*:*:*:*:*:*:*
Range: <=2.30.30.30
Dell/Idrac8 Firmware
cpe:2.3:o:dell:idrac8_firmware:*:*:*:*:*:*:*:*
Range: <=2.30.30.30
Dell EMC/iDRAC7 and iDRAC8v5
Range: firmware before 2.40.40.40

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

2

en.community.dell.com/techcenter/extras/m/white_papers/20443326nvdVendor Advisory
www.securityfocus.com/bid/94585nvdThird Party AdvisoryVDB Entry

News mentions

0

No linked articles in our index yet.