Skip to main content

Idrac8 Firmware

9 CVEs product

Monthly

CVE-2021-21510 MEDIUM This Month

Dell iDRAC8 versions prior to 2.75.100.75 contain a host header injection vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Dell Code Injection Idrac8 Firmware
NVD
CVSS 3.1
6.1
EPSS
1.0%
CVE-2020-5344 CRITICAL Act Now

Dell EMC iDRAC7, iDRAC8 and iDRAC9 versions prior to 2.65.65.65, 2.70.70.70, 4.00.00.00 contain a stack-based buffer overflow vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow Dell Idrac7 Firmware +2
NVD
CVSS 3.1
9.8
EPSS
3.7%
CVE-2019-3764 MEDIUM This Month

Dell EMC iDRAC7 versions prior to 2.65.65.65, iDRAC8 versions prior to 2.70.70.70 and iDRAC9 versions prior to 3.36.36.36 contain an improper authorization vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Dell Idrac7 Firmware Idrac8 Firmware Idrac9 Firmware
NVD
CVSS 3.1
4.3
EPSS
0.9%
CVE-2019-3705 CRITICAL Act Now

Dell EMC iDRAC6 versions prior to 2.92, iDRAC7/iDRAC8 versions prior to 2.61.60.60, and iDRAC9 versions prior to 3.20.21.20, 3.21.24.22, 3.21.26.22 and 3.23.23.23 contain a stack-based buffer. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Dell RCE Idrac6 Firmware Idrac7 Firmware +2
NVD
CVSS 3.1
9.8
EPSS
4.2%
CVE-2018-15776 MEDIUM This Month

Dell EMC iDRAC7/iDRAC8 versions prior to 2.61.60.60 contain an improper error handling vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Dell Information Disclosure Idrac7 Firmware Idrac8 Firmware
NVD
CVSS 3.0
6.8
EPSS
0.4%
CVE-2018-15774 HIGH This Week

Dell EMC iDRAC7/iDRAC8 versions prior to 2.61.60.60 and iDRAC9 versions prior to 3.20.21.20, 3.21.24.22, 3.21.26.22, and 3.23.23.23 contain a privilege escalation vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Authentication Bypass Dell Idrac7 Firmware Idrac8 Firmware +1
NVD
CVSS 3.0
8.8
EPSS
0.9%
CVE-2018-1244 HIGH This Week

Dell EMC iDRAC7/iDRAC8, versions prior to 2.60.60.60, and iDRAC9 versions prior to 3.21.21.21 contain a command injection vulnerability in the SNMP agent. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dell Command Injection Idrac7 Firmware Idrac8 Firmware Idrac9 Firmware
NVD
CVSS 3.0
8.8
EPSS
3.5%
CVE-2018-1243 HIGH This Week

Dell EMC iDRAC6, versions prior to 2.91, iDRAC7/iDRAC8, versions prior to 2.60.60.60 and iDRAC9, versions prior to 3.21.21.21, contain a weak CGI session ID vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Dell Information Disclosure Idrac6 Firmware Idrac7 Firmware Idrac8 Firmware +1
NVD
CVSS 3.0
7.5
EPSS
1.8%
CVE-2016-5685 HIGH This Week

Dell iDRAC7 and iDRAC8 devices with firmware before 2.40.40.40 allow authenticated users to gain Bash shell access through a string injection. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection Dell Idrac7 Firmware Idrac8 Firmware
NVD
CVSS 3.0
8.8
EPSS
0.6%
EPSS 1% CVSS 6.1
MEDIUM This Month

Dell iDRAC8 versions prior to 2.75.100.75 contain a host header injection vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Dell Code Injection Idrac8 Firmware
NVD
EPSS 4% CVSS 9.8
CRITICAL Act Now

Dell EMC iDRAC7, iDRAC8 and iDRAC9 versions prior to 2.65.65.65, 2.70.70.70, 4.00.00.00 contain a stack-based buffer overflow vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow +4
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Dell EMC iDRAC7 versions prior to 2.65.65.65, iDRAC8 versions prior to 2.70.70.70 and iDRAC9 versions prior to 3.36.36.36 contain an improper authorization vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Dell Idrac7 Firmware +2
NVD
EPSS 4% CVSS 9.8
CRITICAL Act Now

Dell EMC iDRAC6 versions prior to 2.92, iDRAC7/iDRAC8 versions prior to 2.61.60.60, and iDRAC9 versions prior to 3.20.21.20, 3.21.24.22, 3.21.26.22 and 3.23.23.23 contain a stack-based buffer. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Dell RCE +4
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Dell EMC iDRAC7/iDRAC8 versions prior to 2.61.60.60 contain an improper error handling vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Dell Information Disclosure Idrac7 Firmware +1
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Dell EMC iDRAC7/iDRAC8 versions prior to 2.61.60.60 and iDRAC9 versions prior to 3.20.21.20, 3.21.24.22, 3.21.26.22, and 3.23.23.23 contain a privilege escalation vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Authentication Bypass Dell +3
NVD
EPSS 3% CVSS 8.8
HIGH This Week

Dell EMC iDRAC7/iDRAC8, versions prior to 2.60.60.60, and iDRAC9 versions prior to 3.21.21.21 contain a command injection vulnerability in the SNMP agent. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dell Command Injection Idrac7 Firmware +2
NVD
EPSS 2% CVSS 7.5
HIGH This Week

Dell EMC iDRAC6, versions prior to 2.91, iDRAC7/iDRAC8, versions prior to 2.60.60.60 and iDRAC9, versions prior to 3.21.21.21, contain a weak CGI session ID vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Dell Information Disclosure Idrac6 Firmware +3
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Dell iDRAC7 and iDRAC8 devices with firmware before 2.40.40.40 allow authenticated users to gain Bash shell access through a string injection. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection Dell Idrac7 Firmware +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy