CNNVD-202508-212 Information

CNNVD ID

CNNVD-202508-212

Related CVE

CVE-2025-36607

• CNNVD Published: 2025-08-04

Description (Chinese)

Dell Unity是美国戴尔（Dell）公司的一套虚拟Unity存储环境。 Dell Unity 5.5及之前版本存在操作系统命令注入漏洞，该漏洞源于svc_nas实用程序中的OS命令注入，可能导致执行任意命令。

Description (English)

Dell Unity is a virtual Unity storage environment for Dell in the United States. Dell Unity 5.5 and previous versions had a loophole in the operating system orders, which originated from an OS injection in the svc nas application, which could lead to the execution of arbitrary orders.

Hazard Level

Medium

Vulnerability Type

操作系统命令注入

Affected Vendor

戴尔

Published

2025-08-04

Last Modified

2026-02-24

References

https://www.dell.com/support/kbdoc/en-si/000350756/dsa-2025-281-security-update-for-dell-unity-dell-unityvsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities

Patch

https://www.dell.com/support/kbdoc/en-si/000350756/dsa-2025-281-security-update-for-dell-unity-dell-unityvsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities