Command Injection Vulnerability in Dell CloudLink Affects User Security
CVE-2025-45379

8.4HIGH

Key Information:

Vendor: Dell
Status: ClouD-Link
Vendor: CVE Published:; 5 November 2025

What is CVE-2025-45379?

Dell CloudLink has a security flaw that allows a privileged user with the correct password to execute command injection through the console. This vulnerability can potentially provide unauthorized shell access to the system, exposing sensitive information and compromising overall security. Administrators are encouraged to upgrade to a safe version to mitigate risks associated with this vulnerability.

Affected Version(s)

CloudLink < 8.2

References

https://www.dell.com/support/kbdoc/en-us/000384363/dsa-20...

vendor-advisory

CVSS V3.1

Score:

8.4

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 5, 2025
Vulnerability Reserved
Apr 22, 2025

JSON