CVE-2022-23155
Description
Dell Wyse Management Suite versions 2.0 through 3.5.2 contain an unrestricted file upload vulnerability. A malicious user with admin privileges can exploit this vulnerability in order to execute arbitrary code on the system.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Dell Wyse Management Suite 2.0-3.5.2 has an unrestricted file upload flaw allowing admin users to execute arbitrary code.
Vulnerability
Dell Wyse Management Suite versions 2.0 through 3.5.2 contain an unrestricted file upload vulnerability [1]. A malicious user with admin privileges can upload arbitrary files without proper validation, leading to code execution on the system.
Exploitation
An attacker with admin privileges (network access and authenticated session) can exploit this by uploading a malicious file, such as a web shell, via the file upload functionality. No additional user interaction is required beyond the initial admin login. The uploaded file can then be accessed to execute arbitrary code.
Impact
Successful exploitation allows arbitrary code execution with the privileges of the application, typically high. This results in full compromise of confidentiality, integrity, and availability (CIA). The CVSS base score is 7.2 (High) [1].
Mitigation
Dell has released a security update as part of DSA-2022-030 (dated 2022-02-17) [1]. Users should upgrade to a version beyond 3.5.2. No workarounds are documented. The vulnerability is not listed on the CISA Known Exploited Vulnerabilities (KEV) catalog as of this writing.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Range: 2.0 - 3.5.2
- Range: unspecified
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- www.dell.com/support/kbdoc/000195918mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.