Security Vulnerability Report
CVE-2026-22275 CVSS 4.4 MEDIUM

CVE-2026-22275

Published: 2026-01-23 10:15:54
Last Modified: 2026-02-18 13:55:43

Description

Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versions prior to 4.2.0.0, contains an Inclusion of Sensitive Information in Source Code vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure.

CVSS Details

CVSS Score
4.4
Severity
MEDIUM
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Configurations (Affected Products)

cpe:2.3:a:dell:elastic_cloud_storage:*:*:*:*:*:*:*:* - VULNERABLE
cpe:2.3:a:dell:objectscale:*:*:*:*:*:*:*:* - VULNERABLE
Dell ECS 3.8.1.0 through 3.8.1.7
Dell ObjectScale < 4.2.0.0

PoC / Exploit Code

⚠ For Security Research Only
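The following code is for security research and authorized testing only. It is a local detection script (a version check plus a regex scan of configuration and source files for credential-like strings), not an exploit.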
python
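# CVE-2026-22275 local check - Inclusion of Sensitive Information in Source Code (CWE-540)
#
# Defensive triage helper for Dell ECS / ObjectScale hosts. It does two things:
#   1. reports whether the installed ECS version falls in the affected range;
#   2. lists files whose contents *look like* hardcoded credentials.
# Regex hits are heuristics, not confirmation of the CVE. Only file paths and
# finding categories are reported; the matched secret text is never printed.
import os
import re
import subprocess  # not used below; kept from the original listing

# File types worth scanning for embedded credentials.
_SCANNED_SUFFIXES = ('.py', '.js', '.java', '.xml', '.conf', '.config', '.properties')

# Category -> credential-like assignment patterns, compiled once.
# Matching is case-insensitive; the original pattern text is kept in findings.
_SECRET_PATTERNS = {
    data_type: [re.compile(regex, re.IGNORECASE) for regex in regexes]
    for data_type, regexes in {
        'passwords': [r'password\s*=\s*["\'][^"\']+["\']', r'pwd\s*[:=]\s*["\'][^"\']+["\']'],
        'api_keys': [r'api[_-]?key\s*[:=]\s*["\'][A-Za-z0-9]{16,}["\']'],
        'tokens': [r'token\s*[:=]\s*["\'][A-Za-z0-9+/=]{20,}["\']'],
        'secrets': [r'secret[_-]?key\s*[:=]\s*["\'][^"\']+["\']'],
    }.items()
}

# Affected ECS range per the CVE description: 3.8.1.0 through 3.8.1.7.
# NOTE(review): the NVD CPE data published with this CVE uses a wider bound for
# ECS (from 3.8.1.0, excluding 4.2.0.0); this check follows the description
# text - confirm the range against the vendor advisory before relying on it.
_ECS_AFFECTED_PREFIX = (3, 8, 1)
_ECS_AFFECTED_MAX_BUILD = 7


def search_for_sensitive_data(base_path):
    """Search application files under *base_path* for credential-like strings.

    Args:
        base_path: Directory to walk recursively.

    Returns:
        A list of dicts with keys ``'file'`` (path), ``'type'`` (category such
        as ``'passwords'``) and ``'pattern'`` (the regex that matched). One
        entry is added per matching pattern per file. The matched text itself
        is deliberately not included, so results can be shared without
        re-exposing the secret.
    """
    findings = []
    for root, _dirs, files in os.walk(base_path):
        for name in files:
            if not name.endswith(_SCANNED_SUFFIXES):
                continue
            filepath = os.path.join(root, name)
            try:
                with open(filepath, 'r', encoding='utf-8', errors='ignore') as f:
                    content = f.read()
            except OSError:
                # Unreadable files (permissions, races) are skipped, so a run
                # as an unprivileged user yields a lower bound, not full coverage.
                continue
            for data_type, regexes in _SECRET_PATTERNS.items():
                for regex in regexes:
                    if regex.search(content):
                        findings.append({
                            'file': filepath,
                            'type': data_type,
                            'pattern': regex.pattern,
                        })
    return findings


def check_ecs_version(version_file='/opt/dell/ecs/version.conf'):
    """Check whether the installed Dell ECS version is in the affected range.

    Args:
        version_file: File containing a ``version = X.Y.Z.W`` line. The default
            path is the one used by the original listing and is not verified
            against vendor documentation - confirm it for your install.

    Returns:
        ``(True, version)`` when the version is 3.8.1.0 through 3.8.1.7, else
        ``(False, None)``. ``(False, None)`` is also returned when the file is
        missing, unreadable or has no parsable version, so it means "not shown
        to be affected", not "confirmed safe". A three-component ``3.8.1`` is
        treated as ``3.8.1.0``.
    """
    try:
        with open(version_file, encoding='utf-8', errors='ignore') as f:
            content = f.read()
    except OSError:
        return False, None

    version_match = re.search(r'version\s*=\s*([\d.]+)', content)
    if not version_match:
        return False, None
    version = version_match.group(1)

    try:
        parts = tuple(int(piece) for piece in version.strip('.').split('.'))
    except ValueError:
        # Malformed value such as "3..8": cannot be compared reliably.
        return False, None

    # Compare all four components. Checking only "3.8" plus the third field
    # would flag 3.8.0.x-3.8.7.x and miss the build-number bound entirely.
    if len(parts) == 3:
        parts += (0,)
    if (
        len(parts) >= 4
        and parts[:3] == _ECS_AFFECTED_PREFIX
        and 0 <= parts[3] <= _ECS_AFFECTED_MAX_BUILD
    ):
        return True, version
    return False, None


if __name__ == '__main__':
    print("CVE-2026-22275 Detection Script")
    print("=" * 50)

    # Check version. The [INFO] branch also covers "version file not found",
    # so it must not be read as a clean result.
    is_vulnerable, version = check_ecs_version()
    if is_vulnerable:
        print(f"[VULNERABLE] Dell ECS version {version} is affected")
    else:
        print("[INFO] Version check completed")

    # Search for sensitive data. Paths are those given in the original listing;
    # confirm them against the actual install layout.
    print("\nSearching for hardcoded sensitive information...")
    base_paths = ['/opt/dell/ecs', '/opt/dell/objectscale', '/etc/dell']
    all_findings = []
    for path in base_paths:
        if os.path.exists(path):
            all_findings.extend(search_for_sensitive_data(path))

    if all_findings:
        print(f"\n[!] Found {len(all_findings)} potential sensitive information exposures:")
        # Only the first 10 are listed; the count above is the full total.
        for finding in all_findings[:10]:
            print(f" - {finding['file']} ({finding['type']})")
    else:
        print("[OK] No obvious hardcoded credentials found")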

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2026-22275", "sourceIdentifier": "[email protected]", "published": "2026-01-23T10:15:53.643", "lastModified": "2026-02-18T13:55:42.743", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versions prior to 4.2.0.0, contains an Inclusion of Sensitive Information in Source Code vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure."}, {"lang": "es", "value": "Dell ECS, versiones 3.8.1.0 hasta 3.8.1.7, y Dell ObjectScale versiones anteriores a 4.2.0.0, contiene una vulnerabilidad de Inclusión de Información Sensible en el Código Fuente. Un atacante con pocos privilegios con acceso local podría potencialmente explotar esta vulnerabilidad, lo que lleva a la exposición de información."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "baseScore": 4.4, "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 1.8, "impactScore": 2.5}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-540"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:dell:elastic_cloud_storage:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.8.1.0", "versionEndExcluding": "4.2.0.0", "matchCriteriaId": "8FFE0BD5-DC60-46D3-9A26-6E82DBB982EC"}, {"vulnerable": true, "criteria": "cpe:2.3:a:dell:objectscale:*:*:*:*:*:*:*:*", "versionEndExcluding": "4.2.0.0", "matchCriteriaId": "25F884EC-C7A1-4734-8C17-08BFF2046175"}]}]}], "references": 
[{"url": "https://www.dell.com/support/kbdoc/en-us/000415880/dsa-2026-047-security-update-for-dell-ecs-and-objectscale-multiple-vulnerabilities", "source": "[email protected]", "tags": ["Vendor Advisory"]}]}}