Skip to main content

Smartfabric Os10 CVE-2026-22284

MEDIUM
Command Injection (CWE-77)
2026-02-17 security_alert@emc.com
6.6
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
6.6 MEDIUM
AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
High
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

3
Analysis Generated
Mar 12, 2026 - 21:55 vuln.today
Patch released
Feb 26, 2026 - 22:03 nvd
Patch available
CVE Published
Feb 17, 2026 - 20:22 nvd
MEDIUM 6.6

DescriptionCVE.org

Dell SmartFabric OS10 Software, versions prior to 10.5.6.12, contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution.

AnalysisAI

Unauthenticated command injection in Dell SmartFabric OS10 versions before 10.5.6.12 allows high-privileged remote attackers to execute arbitrary commands on affected network devices. The vulnerability stems from improper sanitization of user-supplied input in command processing, requiring attacker knowledge of administrative credentials to trigger. A patch is available and administrators should prioritize updating affected systems given the severity of potential command execution impact.

Technical ContextAI

Classified as CWE-77 (Command Injection). Affects Smartfabric Os10. Dell SmartFabric OS10 Software, versions prior to 10.5.6.12, contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution.

RemediationAI

A vendor patch is available — apply it immediately. Restrict network access to the affected service where possible.

CVE-2024-48013 HIGH
8.8 Mar 17

Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Execution with Unnecess

CVE-2024-49559 HIGH
8.8 Mar 17

Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Use of Default Password

CVE-2024-39577 HIGH
8.8 Sep 26

Dell SmartFabric OS10 Software, versions 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contains an Improper Neutralization of

CVE-2024-38486 HIGH
8.8 Sep 06

Dell SmartFabric OS10 Software, version(s) 10.5.5.4 through 10.5.5.10 and 10.5.6.x , contain(s) an Improper Neutralizati

CVE-2024-48831 HIGH
8.4 Mar 17

Dell SmartFabric OS10 Software, version(s) 10.5.6.x, contain(s) a Use of Hard-coded Password vulnerability. Rated high s

CVE-2024-39585 HIGH
8.1 Sep 06

Dell SmartFabric OS10 Software, version(s) 10.5.5.4 through 10.5.5.10 and 10.5.6.x, contain(s) an Use of Hard-coded Pass

CVE-2024-48830 HIGH
7.8 Mar 17

Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Improper Neutralization

CVE-2025-22472 HIGH
7.8 Mar 17

Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Improper Neutralization

CVE-2025-22473 HIGH
7.8 Mar 17

Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Improper Neutralization

CVE-2024-49561 HIGH
7.8 Mar 17

Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Incorrect Privilege Ass

CVE-2024-49560 HIGH
7.8 Nov 12

Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) a command injection vulner

CVE-2024-49558 HIGH
7.8 Nov 12

Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) an Improper Privilege Mana

Share

CVE-2026-22284 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy