VYPR

EMC NetWorker

by Dell

CVEs (19)

  • CVE-2023-28055HigSep 27, 2023
    risk 0.57cvss 8.8epss 0.00

    Dell NetWorker, Version 19.7 has an improper authorization vulnerability in the NetWorker client. An unauthenticated attacker within the same network could potentially exploit this by manipulating a command leading to gain of complete access to the server file further resulting…

  • CVE-2023-25539HigMay 31, 2023
    risk 0.55cvss 8.4epss 0.01

    Dell NetWorker 19.6.1.2, contains an OS command injection Vulnerability in the NetWorker client. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the…

  • CVE-2024-42422HigDec 3, 2024
    risk 0.54cvss 8.3epss 0.00

    Dell NetWorker, version(s) 19.10, contain(s) an Authorization Bypass Through User-Controlled Key vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure.

  • CVE-2021-21558HigJun 8, 2021
    risk 0.53cvss 8.2epss 0.00

    Dell EMC NetWorker, 18.x, 19.1.x, 19.2.x 19.3.x, 19.4 and 19.4.0.1, contains an Information Disclosure vulnerability. A local administrator of the gstd system may potentially exploit this vulnerability to read LDAP credentials from local logs and use the stolen credentials to…

  • CVE-2018-1218HigMar 19, 2018
    risk 0.53cvss 7.5epss 0.14

    In Dell EMC NetWorker versions prior to 9.2.1.1, versions prior to 9.1.1.6, 9.0.x, and versions prior to 8.2.4.11, the 'nsrd' daemon causes a buffer overflow condition when handling certain messages. A remote unauthenticated attacker could potentially exploit this vulnerability…

  • CVE-2025-21107HigJan 30, 2025
    risk 0.51cvss 7.8epss 0.00

    Dell NetWorker, version(s) prior to 19.11.0.3, all versions of 19.10 & prior versions contain(s) an Unquoted Search Path or Element vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.

  • CVE-2021-21546HigJul 29, 2021
    risk 0.51cvss 7.8epss 0.00

    Dell EMC NetWorker versions 18.x,19.x prior to 19.3.0.4 and 19.4.0.0 contain an Information Disclosure in Log Files vulnerability. A local low-privileged user of the Networker server could potentially exploit this vulnerability to read plain-text credentials from server log…

  • CVE-2023-24576HigFeb 3, 2023
    risk 0.49cvss 7.5epss 0.01

    EMC NetWorker may potentially be vulnerable to an unauthenticated remote code execution vulnerability in the NetWorker Client execution service (nsrexecd) irrespective of any auth used.

  • CVE-2021-21559HigJun 8, 2021
    risk 0.46cvss 7.1epss 0.00

    Dell EMC NetWorker, versions 18.x, 19.1.x, 19.2.x 19.3.x, 19.4, and 19.4.0.1 contain an Improper Certificate Validation vulnerability in the client (NetWorker Management Console) components which uses SSL encrypted connection in order to communicate with the application server.…

  • CVE-2021-21570MedSep 28, 2021
    risk 0.44cvss 6.8epss 0.01

    Dell NetWorker, versions 18.x and 19.x contain an Information disclosure vulnerability. A NetWorker server user with remote access to NetWorker clients may potentially exploit this vulnerability and gain access to unauthorized information.

  • CVE-2021-21569MedSep 28, 2021
    risk 0.44cvss 6.8epss 0.01

    Dell NetWorker, versions 18.x and 19.x contain a Path traversal vulnerability. A NetWorker server user with remote access to NetWorker clients may potentially exploit this vulnerability and gain access to unauthorized information.

  • CVE-2020-26183MedOct 16, 2020
    risk 0.44cvss 6.8epss 0.01

    Dell EMC NetWorker versions prior to 19.3.0.2 contain an improper authorization vulnerability. Certain remote users with low privileges may exploit this vulnerability to perform 'nsrmmdbd' operations in an unintended manner.

  • CVE-2020-26182MedOct 16, 2020
    risk 0.44cvss 6.8epss 0.01

    Dell EMC NetWorker versions prior to 19.3.0.2 contain an incorrect privilege assignment vulnerability. A non-LDAP remote user with low privileges may exploit this vulnerability to perform 'saveset' related operations in an unintended manner. The vulnerability is not exploitable…

  • CVE-2021-21600MedAug 10, 2021
    risk 0.42cvss 6.5epss 0.01

    Dell EMC NetWorker, 19.4 or older, contain an uncontrolled resource consumption flaw in its API service. An authorized API user could potentially exploit this vulnerability via the web and desktop user interfaces, leading to denial of service in the manageability path.

  • CVE-2021-36311MedNov 23, 2021
    risk 0.39cvss 6.0epss 0.00

    Dell EMC Networker versions prior to 19.5 contain an Improper Authorization vulnerability. Any local malicious user with networker user privileges may exploit this vulnerability to upload malicious file to unauthorized locations and execute it.

  • CVE-2023-24568MedMay 30, 2023
    risk 0.33cvss 5.0epss 0.00

    Dell NetWorker, contains an Improper Validation of Certificate with Host Mismatch vulnerability in Rabbitmq port which could disallow replacing CA signed certificates.

  • CVE-2025-36582MedJul 1, 2025
    risk 0.31cvss 4.8epss 0.00

    Dell NetWorker, versions 19.12.0.1 and prior, contains a Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure.

  • CVE-2025-21104MedMar 13, 2025
    risk 0.28cvss 4.3epss 0.00

    Dell NetWorker, versions prior to 19.11.0.4 and version 19.12, contains an URL Redirection to Untrusted Site ('Open Redirect') Vulnerability in NetWorker Management Console. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to a…

  • CVE-2022-29082LowMay 26, 2022
    risk 0.24cvss 3.7epss 0.00

    Dell EMC NetWorker versions 19.1.x, 19.1.0.x, 19.1.1.x, 19.2.x, 19.2.0.x, 19.2.1.x 19.3.x, 19.3.0.x, 19.4.x, 19.4.0.x, 19.5.x,19.5.0.x, 19.6 and 19.6.0.1 and 19.6.0.2 contain an Improper Validation of Certificate with Host Mismatch vulnerability in Rabbitmq port 5671 which could…