Vulnerability: Dell iDRAC7/8 Devices - Remote Code Injection

Dell EMC iDRAC7/iDRAC8, versions prior to 2.52.52.52, contain a CGI injection vulnerability which could be used to execute remote code. A remote unauthenticated attacker may potentially be able to use CGI variables to execute remote code.

Impact

Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code on the affected device.

Severity

critical

Verified

Unknown