CVE-2026-53478
Dell PowerProtect Data Domain OS Command Injection
Description
Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper neutralization of special elements used in an OS command ('OS command Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to command execution.
INFO
Published Date :
July 3, 2026, 2:03 p.m.
Last Modified :
July 3, 2026, 2:03 p.m.
Remotely Exploit :
Yes !
Source :
dell
CVSS Scores
| Score | Version | Severity | Vector | Exploitability Score | Impact Score | Source |
|---|---|---|---|---|---|---|
| CVSS 3.1 | HIGH | c550e75a-17ff-4988-97f0-544cde3820fe | ||||
| CVSS 3.1 | HIGH | [email protected] |
Solution
- Update to a fixed version of Dell PowerProtect Data Domain.
- Apply vendor-provided patches for your version.
- Restrict remote access for privileged users.
- Monitor for suspicious command execution.
We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).
Results are limited to the first 15 repositories due to potential performance issues.
The following list is the news that have been mention
CVE-2026-53478 vulnerability anywhere in the article.