Primary

Context

Dell CloudLink Command Injection Vulnerability Allowing Shell Access for Privileged Users

Vulnerability

Patched

A command injection vulnerability has been identified in Dell CloudLink versions prior to 8.2. This issue allows a privileged user with a known password to execute commands via the console, potentially leading to unauthorized shell access on the system. If SSH is enabled with the web credentials of the server, this vulnerability could be exploited remotely.

Impact

Exploitation of this vulnerability could result in unauthorized shell access on the system, allowing for command execution with elevated privileges.

Remediation

Users are advised to update to Dell CloudLink version 8.2 or later. Instructions for downloading the update are available on the Dell CloudLink Downloads page.

Added: Nov 5, 2025, 5:24 PM

Updated: Nov 5, 2025, 5:24 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

3.3

remediation

7.7

relevance

0.9

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

3.3

remediation

7.7

relevance

0.9

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Dell CloudLink Command Injection Vulnerability Allowing Shell Access for Privileged Users

Vulnerability

Impact

Remediation

Affected Products

Dell CloudLink

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating