Dell Smartfabric Os10
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Dell Smartfabric Os10.
By the Year
In 2026 there have been 1 vulnerability in Dell Smartfabric Os10 with an average score of 6.6 out of ten. Last year, in 2025 Smartfabric Os10 had 17 security vulnerabilities published. Right now, Smartfabric Os10 is on track to have less security vulnerabilities in 2026 than it did last year. Last year, the average CVE base score was greater by 1.52
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 1 | 6.60 |
| 2025 | 17 | 8.12 |
| 2024 | 11 | 7.87 |
| 2023 | 0 | 0.00 |
| 2022 | 3 | 5.37 |
It may take a day or so for new Smartfabric Os10 vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Dell Smartfabric Os10 Security Vulnerabilities
Dell SmartFabric OS10 <10.5.6.12: Cmd Injection
CVE-2026-22284
6.6 - Medium
- February 17, 2026
Dell SmartFabric OS10 Software, versions prior to 10.5.6.12, contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution.
Command Injection
Dell SmartFabric OS10 <10.6.1.0 Command Injection (CVE-2025-46427)
CVE-2025-46427
8.8 - High
- November 12, 2025
Dell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution.
Command Injection
Dell SmartFabric OS10: CmdInjection via Improper Neutralization (v<10.6.1.0)
CVE-2025-46428
8.8 - High
- November 12, 2025
Dell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Code execution.
Command Injection
Dell SmartFabric OS10 <10.6.1.0 Code Injection Vulnerability
CVE-2024-48829
6.7 - Medium
- November 12, 2025
Dell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Control of Generation of Code ('Code Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.
Code Injection
Local Filesystem Access via Directory Listing – Dell SmartFabric OS10 <10.6.0.5
CVE-2025-30103
- July 30, 2025
Dell SmartFabric OS10 Software, versions prior to 10.6.0.5 contains a Files or Directories Accessible to External Parties vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Filesystem access for attacker.
Files or Directories Accessible to External Parties
Dell SmartFabric OS10 XML External Entity before 10.6.0.5
CVE-2025-36608
- July 30, 2025
Dell SmartFabric OS10 Software, versions prior to 10.6.0.5, contains an Improper Restriction of XML External Entity Reference vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access.
XXE
Dell SmartFabric OS10 <10.6.0.5 Hardcoded Password UAP
CVE-2025-36609
7.8 - High
- July 30, 2025
Dell SmartFabric OS10 Software, versions prior to 10.6.0.5, contains a Use of Hard-coded Password vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.
Use of Hard-coded Password
Dell SmartFabric OS10 Command Injection 10.5.4-10.6.0 Local Exploit
CVE-2025-22473
- March 17, 2025
Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.
Command Injection
Dell SmartFabric OS10 10.5.4-10.6.0: Local Command Injection
CVE-2024-48015
- March 17, 2025
Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution.
Command Injection
Command Injection in Dell SmartFabric OS10 (10.5.4.x-10.6.0.x)
CVE-2024-48017
- March 17, 2025
Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Code execution.
Command Injection
Dell SmartFabric OS10 10.5.4-10.6.0 Improper Privilege Management
CVE-2024-48828
- March 17, 2025
Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Improper Privilege Management vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access.
Improper Privilege Management
Hard-Coded Password in Dell SmartFabric OS10 10.5.6.x – Local UAC Exploit
CVE-2024-48831
- March 17, 2025
Dell SmartFabric OS10 Software, version(s) 10.5.6.x, contain(s) a Use of Hard-coded Password vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access.
Use of Hard-coded Password
Dell SmartFabric OS10: Command Injection (Local Privilege Escalation)
CVE-2025-22472
- March 17, 2025
Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to execution of commands with elevated privileges.
Command Injection
Dell SmartFabric OS10 Low-Priv Attack -> PrivAssign Escalation (10.5.4-10.6.0)
CVE-2024-49561
7.8 - High
- March 17, 2025
Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.
Incorrect Privilege Assignment
Dell SmartFabric OS10 10.5.4-10.6.0 Default Password Use Vulnerability
CVE-2024-49559
8.8 - High
- March 17, 2025
Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Use of Default Password vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access.
1393
Dell SmartFabric OS10 SSRF Vulnerability 10.5.4-10.6.0
CVE-2025-22474
- March 17, 2025
Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) a Server-Side Request Forgery (SSRF) vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Server-side request forgery.
SSRF
Dell SmartFabric OS10 10.5.4–10.6.0 – Command Injection Vulnerability
CVE-2024-48830
- March 17, 2025
Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution.
Command Injection
Dell SmartFabric OS10 10.5.x-10.6.x: Exec with Unnecessary Privileges (EUP)
CVE-2024-48013
- March 17, 2025
Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an Execution with Unnecessary Privileges vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges.
Execution with Unnecessary Privileges
Dell SmartFabric OS10 Software Privilege Escalation Vulnerability in Command Execution
CVE-2024-48837
7.8 - High
- November 12, 2024
Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) an Execution with Unnecessary Privileges vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution
Execution with Unnecessary Privileges
Dell SmartFabric OS10 Software Local Privilege Escalation Vulnerability in Filesystem Access
CVE-2024-48838
3.3 - Low
- November 12, 2024
Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) a Files or Directories Accessible to External Parties vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Filesystem access for attacker.
Files or Directories Accessible to External Parties
Dell SmartFabric OS10 Command Injection Vulnerability in CLI
CVE-2024-49557
7.8 - High
- November 12, 2024
Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution.
Command Injection
Dell SmartFabric OS10 Improper Privilege Management Vulnerability in Version 10.5.x
CVE-2024-49558
7.8 - High
- November 12, 2024
Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) an Improper Privilege Management vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges.
Improper Privilege Management
Dell SmartFabric OS10 Command Injection Vulnerability in CLI
CVE-2024-49560
7.8 - High
- November 12, 2024
Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) a command injection vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution.
Command Injection
Dell SmartFabric OS10 v10.5.x Command Injection Vulnerability
CVE-2024-39577
8.8 - High
- September 26, 2024
Dell SmartFabric OS10 Software, versions 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability leading to code execution.
Command Injection
Dell SmartFabric OS10 Uncontrolled Resource Consumption DoS (v10.5.5.x)
CVE-2024-37125
7.5 - High
- September 26, 2024
Dell SmartFabric OS10 Software, versions 10.5.6.x, 10.5.5.x, 10.5.4.x,10.5.3.x, contains an Uncontrolled Resource Consumption vulnerability. A remote unauthenticated host could potentially exploit this vulnerability leading to a denial of service.
Resource Exhaustion
Dell SmartFabric OS10: HardCoded Password Vulnerability (v10.5.5.410.5.5.10, 10.5.6.x)
CVE-2024-39585
8.1 - High
- September 06, 2024
Dell SmartFabric OS10 Software, version(s) 10.5.5.4 through 10.5.5.10 and 10.5.6.x, contain(s) an Use of Hard-coded Password vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Client-side request forgery and Information disclosure.
Use of Hard-coded Credentials
Dell SmartFabric OS10 <=10.5.5.10 & 10.5.6.x Command Injection Vulnerability
CVE-2024-38486
8.8 - High
- September 06, 2024
Dell SmartFabric OS10 Software, version(s) 10.5.5.4 through 10.5.5.10 and 10.5.6.x , contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution.
Command Injection
Dell OS10 10.5.2+ ZeroMQ VLT RUE Info-Disclosure/DoS
CVE-2023-28078
9.1 - Critical
- February 15, 2024
Dell OS10 Networking Switches running 10.5.2.x and above contain a vulnerability with zeroMQ when VLT is configured. A remote unauthenticated attacker could potentially exploit this vulnerability leading to information disclosure and a possible Denial of Service when a huge number of requests are sent to the switch. This is a high severity vulnerability as it allows an attacker to view sensitive data. Dell recommends customers to upgrade at the earliest opportunity.
Improper Restriction of Communication Channel to Intended Endpoints
OS10 Switch 10.5.2.x+ Cmd Injection via Remote Auth
CVE-2023-32462
9.8 - Critical
- February 15, 2024
Dell OS10 Networking Switches running 10.5.2.x and above contain an OS command injection vulnerability when using remote user authentication. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands and possible system takeover. This is a critical vulnerability as it allows an attacker to cause severe damage. Dell recommends customers to upgrade at the earliest opportunity.
Shell injection
OS10 10.5.x Crash via Scan (CVE202234424)
CVE-2022-34424
7.5 - High
- September 28, 2022
Networking OS10, versions 10.5.1.x, 10.5.2.x, and 10.5.3.x contain a vulnerability that could allow an attacker to cause a system crash by running particular security scans.
Memory Corruption
Dell OS10 - Remote Info Disclosure via REST API in Smart Fabric Services
CVE-2022-29089
4.9 - Medium
- September 28, 2022
Dell Networking OS10, versions prior to October 2021 with Smart Fabric Services enabled, contains an information disclosure vulnerability. A remote, unauthenticated attacker could potentially exploit this vulnerability by reverse engineering to retrieve sensitive information and access the REST API with admin privileges.
Insufficiently Protected Credentials
Dell OS10 v10.5.3.4 Improper Cert Validation in Support Assist
CVE-2022-34394
3.7 - Low
- September 28, 2022
Dell OS10, version 10.5.3.4, contains an Improper Certificate Validation vulnerability in Support Assist. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to unauthorized access to limited switch configuration data. The vulnerability could be leveraged by attackers to conduct man-in-the-middle attacks to gain access to the Support Assist information.
Improper Certificate Validation
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Dell Smartfabric Os10 or by Dell? Click the Watch button to subscribe.
