CVE-2026-28265
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-28265
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
PowerStore, contains a Path Traversal vulnerability in the Service user. A low privileged attacker with local access could potentially exploit this vulnerability, leading to modification of arbitrary system files.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
Source: NVD (National Vulnerability Database)
Vulnerability Type
路径遍历:’…/…//’
Source: NVD (National Vulnerability Database)
Vulnerability Title
Dell PowerStore 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Dell PowerStore是美国戴尔(Dell)公司的一个可扩展全闪存阵列存储。 Dell PowerStore存在安全漏洞,该漏洞源于服务用户存在路径遍历问题,可能导致具有本地访问权限的低权限攻击者修改任意系统文件。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Dell | PowerStore | 0 ~ 4.4.0.0-2692403 or later | - | |
| Dell | PowerStore 500T | 0 ~ 4.4.0.0-2692403 or later | - | |
| Dell | PowerStore 1000T | 0 ~ 4.4.0.0-2692403 or later | - | |
| Dell | PowerStore 1200T | 0 ~ 4.4.0.0-2692403 or later | - | |
| Dell | PowerStore 3000T | 0 ~ 4.4.0.0-2692403 or later | - | |
| Dell | PowerStore 3200Q | 0 ~ 4.4.0.0-2692403 or later | - | |
| Dell | PowerStore 3200T | 0 ~ 4.4.0.0-2692403 or later | - | |
| Dell | PowerStore 5000T | 0 ~ 4.4.0.0-2692403 or later | - | |
| Dell | PowerStore 5200Q | 0 ~ 4.4.0.0-2692403 or later | - | |
| Dell | PowerStore 5200T | 0 ~ 4.4.0.0-2692403 or later | - | |
| Dell | PowerStore 7000T | 0 ~ 4.4.0.0-2692403 or later | - | |
| Dell | PowerStore 9000T | 0 ~ 4.4.0.0-2692403 or later | - | |
| Dell | PowerStore 9200T | 0 ~ 4.4.0.0-2692403 or later | - |
II. Public POCs for CVE-2026-28265
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-28265
请登录查看更多情报信息。
Same Patch Batch · Dell · 2026-04-01 · 4 CVEs total
| CVE-2026-22768 | 7.3 HIGH | Dell AppSync 安全漏洞 |
| CVE-2026-22767 | 7.3 HIGH | Dell AppSync 安全漏洞 |
| CVE-2026-27101 | 4.7 MEDIUM | Dell Secure Connect Gateway 路径遍历漏洞 |
IV. Related Vulnerabilities
Same weakness: CWE-35
- CVE-2026-42274
Heimdall: Authorization bypass via path normalization mismat - CVE-2026-20034
Cisco Unity Connection Remote Code Execution Vulnerability - CVE-2026-0205
SonicWALL SonicOS 安全漏洞 - CVE-2026-6074
Path traversal: '.../...//' in Intrado 911 Emergency Gateway - CVE-2026-25397
WordPress File Uploader for WooCommerce plugin <= 1.0.4 - Pa
V. Comments for CVE-2026-28265
No comments yet