Improper XML External Entity Reference Vulnerability in Dell SmartFabric OS10 Software
CVE-2025-36608

Currently unrated

Key Information:

Vendor: Dell
Status: SmartFabric OS10 Software
Vendor: CVE Published:; 30 July 2025

What is CVE-2025-36608?

Dell SmartFabric OS10 Software prior to version 10.6.0.5 is vulnerable to an improper restriction of XML External Entity Reference, which could allow a low privileged attacker with remote access to exploit the issue. This could potentially lead to unauthorized access to sensitive information, compromising the integrity and security of affected systems.

References

https://www.dell.com/support/kbdoc/en-us/000346195/dsa-20...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 30, 2025