CVE 8.8 HIGH

CVE-2025-46428_CVE-2025-46428

November 12, 2025 invoker category_cve

8.8 / 10

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Description

Dell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Code execution.

AI Analysis

Command Injection vulnerability in Dell SmartFabric OS10 Software, allowing code execution

Basic Information

ID CVE-2025-46428

Source dell

Published Nov 12, 2025 at 19:57

Modified Nov 12, 2025 at 20:59

Affected Product

Vendor Dell

Product SmartFabric OS10 Software

Version prior to 10.6.1.0

Affected Versions Dell SmartFabric OS10 Software N/A

CWE Classification

CWE-77

AI Assessment

AI Score 8.8 / 10

AI Severity High

Vendor Dell

Product SmartFabric OS10 Software

Version prior to 10.6.1.0

References

www.dell.com /support/kbdoc/en-us/000391062/dsa-2025-407-security-update-for-dell-networking-os10-vulnerabilities

{
    "lastseen": "",
    "description": "Dell SmartFabric OS10 Software, versions prior to 10.6.1.0,  contain an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Code execution.",
    "published": "2025-11-12T19:57:04.843Z",
    "modified": "2025-11-12T20:59:53.724Z",
    "type": "cve",
    "title": "CVE-2025-46428",
    "source": "dell",
    "references": "https://www.dell.com/support/kbdoc/en-us/000391062/dsa-2025-407-security-update-for-dell-networking-os10-vulnerabilities",
    "id": "CVE-2025-46428",
    "bulletinFamily": "",
    "cwe": [
        "CWE-77"
    ],
    "cvelist": null,
    "sourceData": "Dell SmartFabric OS10 Software N/A",
    "sourceHref": "",
    "cvss": {
        "score": 8.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "SmartFabric OS10 Software",
    "version": "prior to 10.6.1.0",
    "vendor": "Dell",
    "ai_description": "Command Injection vulnerability in Dell SmartFabric OS10 Software, allowing code execution",
    "ai_severity": "High",
    "ai_vendor": "Dell",
    "ai_product": "SmartFabric OS10 Software",
    "ai_version": "prior to 10.6.1.0",
    "ai_score": 8.8
}

💭 Join the Security Discussion ❌ Cancel Reply