CVE-2026-28262 | THREATINT

Description

Dell iDRAC Tools, versions prior to 11.4.1.0, contains an Improper Link Resolution Before File Access ('Link Following') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information tampering.

PUBLISHED Reserved 2026-02-25 | Published 2026-06-09 | Updated 2026-06-09 | Assigner dell

MEDIUM: 6.0CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:H

Problem types

CWE-59: Improper Link Resolution Before File Access (Link Following)

Product status

Default status

unaffected

Any version before 11.4.1.0 or later

affected

References

www.dell.com/...ty-update-for-dell-idrac-tools-vulnerability vendor-advisory

cve.org (CVE-2026-28262)

nvd.nist.gov (CVE-2026-28262)

Download JSON