CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-22397

Dell Integrated Dell Remote Access Controller 9, 14G versions prior to 7.00.00.181, 15G and 16G versions 6.10.80.00 through 7.20.10.50 and Dell Integrated Dell Remote Access Controller 10, 17G versions prior to 1.20.25.00, contain an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 25.4%

CVSS Severity

CVSS v3 Score 6.7

References

https://www.dell.com/support/kbdoc/en-us/000384516/dsa-2025-376-security-update-for-dell-idrac9-and-idrac10-vulnerabilities

Products affected by CVE-2025-22397

Dell » Idrac10 » Version: N/A

cpe:2.3:h:dell:idrac10:-
Dell » Idrac9 » Version: N/A

cpe:2.3:h:dell:idrac9:-
Dell » Idrac10 Firmware » Version: Any

cpe:2.3:o:dell:idrac10_firmware:*
Dell » Idrac9 Firmware » Version: Any

cpe:2.3:o:dell:idrac9_firmware:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-22397

Products

Pricing

Contact Us