Primary

Context

Dell Secure Connect Gateway Relative Path Traversal Vulnerability in REST API

Vulnerability

Patched

A relative path traversal vulnerability has been identified in Dell Secure Connect Gateway (SCG) version 5.0, specifically in the Application and Appliance editions, within the range of versions 5.26.00.00 to 5.30.00.00. This vulnerability affects an internal collection download REST API, but only if the API is enabled by an admin user through the user interface. A low-privileged attacker with remote access could exploit this vulnerability to traverse relative paths and access restricted resources.

Impact

Exploitation of this vulnerability could lead to unauthorized access to restricted resources via relative path traversal.

Remediation

Users can upgrade to Dell Secure Connect Gateway version 5.32.00 or later to address this vulnerability. Instructions for downloading the update are available on the Dell Secure Connect Gateway Application Edition and Virtual Edition product support pages.

Added: Oct 30, 2025, 4:23 PM

Updated: Oct 30, 2025, 4:23 PM

Vulnerability Rating

Custom Algorithm

spread

1.9

impact

2.5

exploitability

5.2

remediation

7.7

relevance

0.8

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.9

impact

2.5

exploitability

5.2

remediation

7.7

relevance

0.8

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Dell Secure Connect Gateway Relative Path Traversal Vulnerability in REST API

Vulnerability

Impact

Remediation

Affected Products

Dell Secure Connect Gateway

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating