Home

Description

Dell Avamar, versions prior to 19.12 with patch 338905, contains an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the Security. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to upload malicious files.

PUBLISHED Reserved 2025-04-15 | Published 2026-02-17 | Updated 2026-02-17 | Assigner dell




MEDIUM: 6.5CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

Problem types

CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Product status

Default status
unaffected

19.8 through 19.12 (semver) before 9.12 with CHF 338905 or later
affected

Default status
unaffected

Any version before 2.7.9 with AV CHF 338905
affected

Credits

Dell would like to thank zzcentury for reporting this issue. finder

References

www.dell.com/...mar-virtual-edition-multiple-vulnerabilities vendor-advisory

cve.org (CVE-2025-36598)

nvd.nist.gov (CVE-2025-36598)

Download JSON