CVE-2025-32750
Description
Dell PowerFlex Manager, version(s) <=4.6.2, contain(s) an Exposure of Information Through Directory Listing vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Dell PowerFlex Manager <=4.6.2 exposes directory listings to unauthenticated attackers, leading to information disclosure.
Vulnerability
Dell PowerFlex Manager versions up to and including 4.6.2 contain an Exposure of Information Through Directory Listing vulnerability. An unauthenticated attacker can remotely access directory listings, potentially revealing file structures and sensitive information.
Exploitation
The vulnerability requires no authentication and can be triggered remotely over the network. The attacker sends specially crafted HTTP requests that cause the web server to return directory listings instead of blocking them, revealing the contents of directories.
Impact
Successful exploitation allows an unauthenticated attacker to enumerate files and directories on the affected PowerFlex Manager system, leading to information exposure that may aid in further attacks.
Mitigation
Dell has not yet disclosed a specific fix for this vulnerability in the available references. Users should monitor Dell support for updates and consider applying general security best practices such as restricting network access to the PowerFlex Manager interface.
AI Insight generated on May 21, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
1- Range: <=4.6.2
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2News mentions
0No linked articles in our index yet.