CVE-2025-36574

Published Jun 10, 2025

Last updated 6 days ago

Overview

Description: Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Absolute Path Traversal vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure and Unauthorized access.
Source: security_alert@emc.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Secondary
Base score: 8.2
Impact score: 4.2
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
Severity: HIGH

Weaknesses

security_alert@emc.com: CWE-36

Hype score: Not currently trending

⚠️Actualización de seguridad para Dell Wyse Management Suite ❗CVE-2025-36574 ❗CVE-2025-36575 ➡️Más info: https://t.co/FIxSvhZzNU https://t.co/E9zONi8U7e
@CERTpy
12 Jun 2025
114 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:dell:wyse_management_suite:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "96E13E26-D252-4083-9724-7812D40AD432",
            "versionEndExcluding": "5.2"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References

Sources include official advisories and independent security research.