Severity by source
AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Remote management access with low complexity but requires existing high-privilege admin account (PR:H); command injection into the OS yields full C/I/A impact on the appliance without scope change.
Primary rating from Vendor (dell).
CVSS Vector (Vendor: dell)
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
Description (CVE.org)
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to execution of arbitrary OS commands.
Analysis (AI)
OS command injection in Dell PowerProtect Data Domain (versions 7.7.1.0 through 8.7, plus the LTS2026, LTS2025, and LTS2024 maintenance branches) lets an authenticated high-privileged remote attacker execute arbitrary operating-system commands on the appliance via improperly neutralized special characters (CWE-78). Because the attacker already holds elevated privileges, the flaw functions as a privilege-boundary and integrity break - turning administrative access into full underlying-OS command execution with high confidentiality, integrity, and availability impact. …
Vulnerability Assessment (AI)
| Aspect | Assessment |
|---|---|
| Exploitation | Exploitation requires the attacker to already hold high-privileged (administrative) access to the appliance (CVSS PR:H) and network reachability to the Data Domain management/CLI interface (AV:N); no end-user interaction is needed (UI:N) and attack complexity is low (AC:L). … |
| Risk Assessment | The CVSS 3.1 base score is 7.2 (High) with vector AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H: network-reachable and low-complexity, but critically gated by PR:H, meaning the attacker must already possess high (administrative) privileges on the appliance. … |
| Exploit Scenario | An attacker who has obtained high-privilege administrative credentials on a Data Domain appliance (an insider, a compromised admin account, or someone who phished management access) connects to the remote management interface and submits a parameter containing shell metacharacters into a command-invoking operation. The injected characters break out of the intended command and execute arbitrary OS commands on the appliance, giving control over the underlying system and the backup protection storage. … |
| Remediation | Apply the fixed Data Domain OS (DDOS) release for your track as published in Dell advisory DSA-2026-278 (https://www.dell.com/support/kbdoc/en-us/000481268/dsa-2026-278-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities). The exact patched build numbers are not enumerated in the provided input, so consult the advisory for the specific fixed version corresponding to your mainline (7.7.1.0-8.7) or LTS (8.6.1.x, 8.3.1.x, 7.13.1.x) branch; treat this as 'patch available per vendor advisory' rather than an independently confirmed version. … |
Recommended Action (AI)
Within 24 hours: Inventory all Dell PowerProtect Data Domain appliances; identify systems running versions 7.7.1.0 through 8.7 or the LTS2024/LTS2025/LTS2026 maintenance branches; restrict administrative access to a documented business-need basis only. …
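As an added illustration of the inventory step (example code, not part of this record or of Dell's advisory), the following Python check flags DDOS versions that fall inside the affected ranges quoted in the description above. It assumes the upper bound "8.7" is padded to 8.7.0.0 and treated as inclusive, and the hostnames and versions in the sample inventory are constructed.

```python
# Added example (not from vuln.today or Dell): flag Data Domain OS
# versions that fall inside the affected ranges quoted in the CVE
# description. Assumption: the bare upper bound "8.7" is padded to
# 8.7.0.0 and treated as inclusive.
from typing import List, Tuple

Version = Tuple[int, ...]

def parse_version(s: str) -> Version:
    """Turn '7.13.1.70' into (7, 13, 1, 70), zero-padded to four parts
    so that '8.7' compares as 8.7.0.0. Components are compared as
    integers: as plain strings, '7.13' would sort before '7.7' and the
    LTS2024 branch would be missed."""
    parts = [int(p) for p in s.strip().split(".")]
    if not 1 <= len(parts) <= 4:
        raise ValueError(f"unexpected version format: {s!r}")
    return tuple(parts + [0] * (4 - len(parts)))

# Inclusive ranges exactly as listed in the CVE description for this record.
AFFECTED_RANGES = {
    "mainline": ("7.7.1.0", "8.7"),
    "LTS2026": ("8.6.1.0", "8.6.1.10"),
    "LTS2025": ("8.3.1.0", "8.3.1.30"),
    "LTS2024": ("7.13.1.0", "7.13.1.70"),
}

def affected_tracks(version: str) -> List[str]:
    """Return the name of every listed range that contains `version`."""
    v = parse_version(version)
    return [track for track, (lo, hi) in AFFECTED_RANGES.items()
            if parse_version(lo) <= v <= parse_version(hi)]

def triage(inventory: List[Tuple[str, str]]) -> List[Tuple[str, str, List[str]]]:
    """Map (hostname, DDOS version) pairs to rows with matching tracks;
    an empty track list means the version is outside every listed range."""
    return [(host, ver, affected_tracks(ver)) for host, ver in inventory]

if __name__ == "__main__":
    # Constructed sample inventory, not real hosts.
    sample = [("dd-backup-01", "7.13.1.70"), ("dd-backup-02", "8.6.1.11"),
              ("dd-lab-01", "7.6.0.5"), ("dd-dr-01", "8.3.1.30")]
    for host, ver, tracks in triage(sample):
        status = "AFFECTED " + ",".join(tracks) if tracks else "not in listed ranges"
        print(f"{host:14} {ver:10} {status}")
```

The LTS ranges lie numerically inside the mainline range, so an LTS build that matches only "mainline" (for example 8.6.1.11, just above the listed LTS2026 bound) is a signal to check the advisory rather than a verdict.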
Weakness: CWE-78 – OS Command Injection
Related identifiers: EUVD-2026-41549, GHSA-363q-xrjc-rqpj