Severity by source
AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
The description requires both local access (AV:L) and a high-privilege account on the appliance (PR:H). A successful injection yields arbitrary OS command execution, which justifies C:H/I:H/A:H; scope is unchanged (S:U) because the impact stays within the vulnerable appliance rather than crossing into a separately managed component.
Primary rating from Vendor (dell).
CVSS Vector (Vendor: dell)
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Description (CVE.org)
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper neutralization of special elements used in an OS command ('OS command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution.
Analysis (AI)
OS command injection in Dell PowerProtect Data Domain across four supported release tracks allows a high-privileged local attacker to execute arbitrary operating system commands. Affected versions span the main release line (7.7.1.0-8.7) as well as LTS2024, LTS2025, and LTS2026 branch releases. …
Vulnerability Assessment (AI)
| Aspect | Assessment |
|---|---|
| Exploitation | Exploitation requires two simultaneous conditions confirmed by the CVSS vector: local system access (AV:L), meaning a physical console, SSH session, or equivalent OS-level access to the appliance, and a high-privilege role or credential on the Data Domain system (PR:H). … |
| Risk Assessment | The CVSS 6.7 Medium score reflects the constrained exploitation conditions: AV:L (local access only) and PR:H (high privileges required) together mean the attacker must already occupy a privileged position on the appliance. … |
| Exploit Scenario | An attacker who already holds a high-privilege account on the Dell PowerProtect Data Domain appliance, whether a malicious insider, a compromised administrator credential, or an actor who has previously pivoted onto the management host, submits a crafted parameter containing shell metacharacters through an administrative CLI or management interface. The application passes the unsanitized input to an OS-level function, and the shell interprets the injected tokens as discrete commands. … |
| Remediation | The primary remediation is to apply vendor-released patches per Dell Security Advisory DSA-2026-278 (https://www.dell.com/support/kbdoc/en-us/000481268/dsa-2026-278-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities); specific fix versions for each release track are documented there and were not independently confirmed in the data available for this analysis. … |
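The Exploit Scenario row describes the generic CWE-78 mechanism: a parameter is concatenated into a command string, and the shell treats metacharacters in it as command separators. The snippet below is an added illustration written for this page; it is not Dell code and does not reproduce the Data Domain call site, which is not public. It shows the vulnerable pattern next to the two fixes a reviewer would ask for (exec without a shell, and a strict allowlist on the parameter). The `echo` binary stands in for whatever privileged helper a real management wrapper invokes, and the hostname parameter, the regex, and the function names are assumptions.

```python
"""Vulnerable vs hardened shell-out (CWE-78). Added example, not Dell code.

`echo` stands in for the privileged helper a management wrapper would call;
the hostname parameter and its allowlist regex are assumptions for illustration.
"""
import re
import subprocess

# Assumed allowlist: RFC 1123-style host labels, so no whitespace or shell metacharacters.
HOSTNAME_RE = re.compile(r"^[A-Za-z0-9](?:[A-Za-z0-9.-]{0,252})$")


def _run(cmd, shell: bool) -> str:
    return subprocess.run(cmd, shell=shell, capture_output=True,
                          text=True, check=False).stdout


def vulnerable_lookup(target: str) -> str:
    """The CWE-78 pattern: user input concatenated into a string that /bin/sh
    parses, so ';', '|', '&&', '$(...)' or backticks in `target` become new commands."""
    return _run("echo resolving " + target, shell=True)


def argv_only_lookup(target: str) -> str:
    """First fix: pass the value as one argv element. No shell runs, so the
    metacharacters are just bytes in the argument. Validation is still needed:
    a value starting with '-' could be parsed as an option by the callee."""
    return _run(["echo", "resolving", target], shell=False)


def is_valid_hostname(target: str) -> bool:
    """Second fix: strict allowlist that rejects anything outside expected syntax."""
    return HOSTNAME_RE.fullmatch(target) is not None


def hardened_lookup(target: str) -> str:
    """Both fixes together: validate first, then exec without a shell."""
    if not is_valid_hostname(target):
        raise ValueError(f"rejected parameter: {target!r}")
    return argv_only_lookup(target)


if __name__ == "__main__":
    benign = "backup01.example.internal"
    hostile = "backup01; echo INJECTED"          # constructed attacker input
    print(vulnerable_lookup(hostile), end="")    # second line "INJECTED": the shell ran it
    print(argv_only_lookup(hostile), end="")     # one line, metacharacters printed literally
    print(hardened_lookup(benign), end="")
    try:
        hardened_lookup(hostile)
    except ValueError as exc:
        print("hardened:", exc)
```

The argv form alone already stops the injection, because no shell ever tokenizes the string; the allowlist is what additionally protects the helper from option injection and from inputs the helper itself might interpret. When reviewing an appliance CLI or management API for this class of bug, the question to ask of every shell-out is which of these two forms it uses, not whether "dangerous characters" are filtered.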
Weakness: CWE-78 (OS Command Injection)
Technique: Command Injection
Related identifiers: EUVD-2026-41553, GHSA-hx78-853f-cj6m