Dell Secure Connect Gateway SQL Injection Vulnerability

Vulnerability

A SQL injection vulnerability has been identified in the Dell Secure Connect Gateway (SCG) Application and Appliance, in versions prior to 5.28. This vulnerability arises from improper handling of special elements in SQL commands, allowing a high-privilege attacker with local access to the system to exploit it. The exploitation could lead to the disclosure of non-sensitive information, excluding any customer data.

Impact

Exploitation of this vulnerability could result in unauthorized access to non-sensitive information. SQL injection can also be used as a precursor to more severe exploits, such as executing arbitrary code or escalating privileges.

Remediation

Users can upgrade to version 5.28.00 or later to address this vulnerability. Drivers for the updated version are available on the Dell Support website for both the Application and Appliance editions of Secure Connect Gateway.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 1.9
impact: 0.6
exploitability: 3.4
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.