Path Traversal Vulnerability in Dell Avamar
CVE-2025-36597

4.7MEDIUM

Key Information:

Vendor: Dell
Status: Avamar Server; Avamar Virtual Edition; Powerprotect Dp Series Appliance (idpa)
Vendor: CVE Published:; 17 February 2026

What is CVE-2025-36597?

Dell Avamar contains a vulnerability that allows high privileged attackers to exploit improper limitations on pathnames. This flaw could enable unauthorized access and lead to potential information disclosure. It is critical for users to ensure their systems are updated with the latest security patches to mitigate this risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Avamar Server 19.8 through 19.12

Avamar Virtual Edition 19.8 through 19.12

PowerProtect DP Series Appliance (IDPA) < N/A

References

https://www.dell.com/support/kbdoc/en-us/000347698/dsa-20...

vendor-advisory

CVSS V3.1

Score:

4.7

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 17, 2026
Vulnerability Reserved
Apr 15, 2025

Credit

Dell would like to thank zzcentury for reporting this issue

JSON

Dell