VYPR

Dell Networking OS10

by Dell

CVEs (27)

  • CVE-2025-46428HigNov 12, 2025
    risk 0.57cvss 8.8epss 0.01

    Dell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Code…

  • CVE-2025-46427HigNov 12, 2025
    risk 0.57cvss 8.8epss 0.01

    Dell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Command…

  • CVE-2024-49559HigMar 17, 2025
    risk 0.57cvss 8.8epss 0.00

    Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Use of Default Password vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access.

  • CVE-2024-48013HigMar 17, 2025
    risk 0.57cvss 8.8epss 0.01

    Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Execution with Unnecessary Privileges vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges.

  • CVE-2021-36307HigNov 20, 2021
    risk 0.57cvss 8.8epss 0.01

    Networking OS10, versions prior to October 2021 with RESTCONF API enabled, contains a privilege escalation vulnerability. A malicious low privileged user with specific access to the API could potentially exploit this vulnerability to gain admin privileges on the affected system.

  • CVE-2018-15778HigFeb 4, 2019
    risk 0.57cvss 8.8epss 0.00

    Dell OS10 versions prior to 10.4.2.1 contain a vulnerability caused by lack of proper input validation on the command-line interface (CLI).

  • CVE-2024-48831HigMar 17, 2025
    risk 0.55cvss 8.4epss 0.00

    Dell SmartFabric OS10 Software, version(s) 10.5.6.x, contain(s) a Use of Hard-coded Password vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access.

  • CVE-2021-36306HigNov 20, 2021
    risk 0.53cvss 8.1epss 0.04

    Networking OS10, versions prior to October 2021 with RESTCONF API enabled, contains an authentication bypass vulnerability. A remote unauthenticated attacker could exploit this vulnerability to gain access and perform actions on the affected system.

  • CVE-2019-3710HigMar 28, 2019
    risk 0.53cvss 8.1epss 0.01

    Dell EMC Networking OS10 versions prior to 10.4.3 contain a cryptographic key vulnerability due to an underlying application using undocumented, pre-installed X.509v3 key/certificate pairs. An unauthenticated remote attacker with the knowledge of the default keys may potentially…

  • CVE-2025-22473HigMar 17, 2025
    risk 0.51cvss 7.8epss 0.01

    Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this…

  • CVE-2025-22472HigMar 17, 2025
    risk 0.51cvss 7.8epss 0.01

    Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this…

  • CVE-2024-48830HigMar 17, 2025
    risk 0.51cvss 7.8epss 0.01

    Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this…

  • CVE-2024-39585HigSep 6, 2024
    risk 0.51cvss 7.9epss 0.00

    Dell SmartFabric OS10 Software, version(s) 10.5.5.4 through 10.5.5.10 and 10.5.6.x, contain(s) an Use of Hard-coded Password vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Client-side request forgery and…

  • CVE-2023-39248HigDec 5, 2023
    risk 0.49cvss 7.5epss 0.01

    Dell OS10 Networking Switches running 10.5.2.x and above contain an Uncontrolled Resource Consumption (Denial of Service) vulnerability, when switches are configured with VLT and VRRP. A remote unauthenticated user can cause the network to be flooded leading to Denial of…

  • CVE-2022-34424HigSep 28, 2022
    risk 0.49cvss 7.5epss 0.01

    Networking OS10, versions 10.5.1.x, 10.5.2.x, and 10.5.3.x contain a vulnerability that could allow an attacker to cause a system crash by running particular security scans.

  • CVE-2018-15784HigJan 18, 2019
    risk 0.48cvss 7.4epss 0.01

    Dell Networking OS10 versions prior to 10.4.3.0 contain a vulnerability in the Phone Home feature which does not properly validate the server's certificate authority during TLS handshake. Use of an invalid or malicious certificate could potentially allow an attacker to spoof a…

  • CVE-2024-48829MedNov 12, 2025
    risk 0.44cvss 6.7epss 0.00

    Dell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Control of Generation of Code ('Code Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.

  • CVE-2024-48015MedMar 17, 2025
    risk 0.44cvss 6.7epss 0.01

    Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this…

  • CVE-2025-36608MedJul 30, 2025
    risk 0.42cvss 6.5epss 0.00

    Dell SmartFabric OS10 Software, versions prior to 10.6.0.5, contains an Improper Restriction of XML External Entity Reference vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access.

  • CVE-2024-48017MedMar 17, 2025
    risk 0.42cvss 6.5epss 0.01

    Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this…

Page 1 of 2