Dell CVE-2026-26943

| EUVD-2026-23898 HIGH
OS Command Injection (CWE-78)
2026-04-20 dell
Command Injection Dell
7.2
CVSS 3.1
Share

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

3
Re-analysis Queued
Apr 20, 2026 - 19:07 vuln.today
cvss_changed
Analysis Generated
Apr 20, 2026 - 17:53 vuln.today
Patch available
Apr 20, 2026 - 17:16 EUVD

DescriptionNVD

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an OS command injection vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges.

AnalysisAI

OS command injection in Dell PowerProtect Data Domain allows authenticated administrative users with network access to execute arbitrary commands with root privileges. Affects multiple release branches (7.7.1.0-8.6, LTS2025 8.3.1.0-8.3.1.20, LTS2024 7.13.1.0-7.13.1.60). …

Sign in for full analysis, threat intelligence, and remediation guidance.

RemediationAI

Within 24 hours: inventory all Dell PowerProtect Data Domain deployments and document current versions (7.7.1.0-8.6, LTS2025 8.3.1.0-8.3.1.20, LTS2024 7.13.1.0-7.13.1.60). Within 7 days: apply vendor patches (8.6.1.10 for standard branch, 7.13.1.70 for LTS2024, 8.3.1.30 for LTS2025) to all systems; coordinate with backup operations to schedule during maintenance windows. …

Sign in for detailed remediation steps.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

Share

CVE-2026-26943 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy