CVE-2025-36604 Information

Description

Dell Unity version(s) 5.5 and prior contain(s) an Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’) vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability leading to arbitrary command execution.

Reference

https://www.dell.com/support/kbdoc/en-si/000350756/dsa-2025-281-security-update-for-dell-unity-dell-unityvsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities

Related CNNVD

CNNVD-202508-209 (Published: 2025-08-04)