Dell CloudLink <=8.1: Privileged Command Injection via Console
CVE-2025-45379 Published on November 5, 2025

Dell CloudLink, versions prior to 8.2, contain a vulnerability where a privileged user with known password can run command injection from console to gain shell access of system.

Vendor Advisory NVD

Vulnerability Analysis

Attack Vector:

ADJACENT_NETWORK

Attack Complexity:

LOW

Privileges Required:

HIGH

User Interaction:

NONE

Scope:

CHANGED

Confidentiality Impact:

HIGH

Integrity Impact:

HIGH

Availability Impact:

HIGH

Weakness Type

What is a Shell injection Vulnerability?

The software constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

CVE-2025-45379 has been classified to as a Shell injection vulnerability or weakness.

Products Associated with CVE-2025-45379

Want to know whenever a new CVE is published for Dell Cloudlink? stack.watch will email you.

Dell Cloudlink

Affected Versions

Dell CloudLink:

Before 8.2 is affected.

Exploit Probability

EPSS

0.24%

Percentile

47.00%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Dell CloudLink <=8.1: Privileged Command Injection via ConsoleCVE-2025-45379 Published on November 5, 2025

Vulnerability Analysis

Weakness Type

What is a Shell injection Vulnerability?

Products Associated with CVE-2025-45379

Affected Versions

Exploit Probability

Dell CloudLink <=8.1: Privileged Command Injection via Console
CVE-2025-45379 Published on November 5, 2025