Path Traversal Vulnerability in Dell Avamar Security Features
CVE-2025-36598

6.5MEDIUM

Key Information:

Vendor: Dell
Status: Avamar Virtual Edition; Powerprotect Dp Series Appliance (idpa)
Vendor: CVE Published:; 17 February 2026

What is CVE-2025-36598?

Dell Avamar has a potential security vulnerability that allows high-privileged remote attackers to perform path traversal. This flaw can enable unauthorized file uploads to restricted directories, posing significant risks to data integrity and security. Users of affected versions should apply the necessary patches to mitigate this threat.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Avamar Virtual Edition 19.8 through 19.12 < 9.12 with CHF 338905 or later

PowerProtect DP Series Appliance (IDPA) < 2.7.9 with AV CHF 338905

References

https://www.dell.com/support/kbdoc/en-us/000347698/dsa-20...

vendor-advisory

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 17, 2026
Vulnerability Reserved
Apr 15, 2025

Credit

Dell would like to thank zzcentury for reporting this issue.

JSON

Dell

What is CVE-2025-36598?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.