Primary

Context

Dell PowerProtect Data Domain Improper Input Validation Vulnerability Allowing Arbitrary Command Execution

Vulnerability

Patched

A vulnerability exists in Dell PowerProtect Data Domain versions 8.5 through 8.6 due to improper input validation. This vulnerability allows a high-privileged attacker with remote access to execute arbitrary commands with root privileges on the affected system.

Impact

Exploitation of this vulnerability could lead to unauthorized arbitrary command execution with root privileges on the affected system.

Remediation

Users can upgrade to Dell PowerProtect Data Domain version 8.6.1.10, 8.7.0.0 or later. Instructions for upgrading the Data Domain Operating System are available on the Dell Support website.

Added: Apr 20, 2026, 5:50 PM

Updated: Apr 20, 2026, 5:50 PM

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

7.5

exploitability

4.4

remediation

7.7

relevance

6.3

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.5

impact

7.5

exploitability

4.4

remediation

7.7

relevance

6.3

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Dell PowerProtect Data Domain Improper Input Validation Vulnerability Allowing Arbitrary Command Execution

Vulnerability

Impact

Remediation

Affected Products

Dell PowerProtect Data Domain

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating