Path Traversal Vulnerability in Dell Avamar Server and Avamar Virtual Edition
CVE-2026-22762

6.5MEDIUM

Key Information:

Vendor: Dell
Status: Avamar Server; Avamar Virtual Edition; Powerprotect Dp Series Appliance (idpa)
Vendor: CVE Published:; 17 February 2026

What is CVE-2026-22762?

Dell Avamar Server and Avamar Virtual Edition versions preceding 19.10 SP1 with CHF338912 are susceptible to a path traversal vulnerability. This flaw enables high privileged attackers with remote access to exploit the system. If successfully executed, it can allow the attacker to access restricted directories and delete arbitrary files, posing a significant risk to data integrity and security.

Affected Version(s)

Avamar Server 19.9 through 19.10 SP1 < 19.10 SP1 with CHF 338912 or later

Avamar Virtual Edition 19.9 through 19.10 SP1 < 19.10 SP1 with CHF 338912 or later

PowerProtect DP Series Appliance (IDPA) < 2.7.9 with AV CHF 338912

References

https://www.dell.com/support/kbdoc/en-us/000425796/dsa-20...

vendor-advisory

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 17, 2026
Vulnerability Reserved
Jan 9, 2026

Credit

Dell would like to thank LIUPENG for reporting this issue.

CVE-2026-22762 Data

JSON