EUVD-2025-18746

| CVE-2025-32753 MEDIUM
2025-06-20 [email protected]
5.3
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
Low

Lifecycle Timeline

3
EUVD ID Assigned
Mar 15, 2026 - 00:19 euvd
EUVD-2025-18746
Analysis Generated
Mar 15, 2026 - 00:19 vuln.today
CVE Published
Jun 20, 2025 - 14:15 nvd
MEDIUM 5.3

Tags

SQLi Information Disclosure Denial Of Service Dell Powerscale Onefs

Description

Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.0.1, contains an improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to denial of service, information disclosure, and information tampering.

Analysis

Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.0.1, contains an improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to denial of service, information disclosure, and information tampering.

Technical Context

SQL injection occurs when user-supplied input is incorporated into SQL queries without proper sanitization or parameterized queries.

Affected Products

Affected products: Dell Powerscale Onefs

Remediation

Use parameterized queries or prepared statements. Apply input validation and escape special characters. Implement least-privilege database accounts.

Priority Score

27
Low Medium High Critical
KEV: 0
EPSS: +0.0
CVSS: +26
POC: 0

Share

EUVD-2025-18746 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy