OS Command Injection Vulnerability in Dell PowerProtect Data Domain
CVE-2026-49815
7.2HIGH
What is CVE-2026-49815?
Dell PowerProtect Data Domain software versions between 7.7.1.0 and 8.7, along with LTS versions 8.6.1.0 to 8.6.1.10, 8.3.1.0 to 8.3.1.30, and 7.13.1.0 to 7.13.1.70, are susceptible to an OS command injection vulnerability. This flaw allows privileged attackers with remote access to execute arbitrary OS commands, potentially leading to unauthorized actions on affected systems.
Affected Version(s)
PowerProtect Data Domain 0 < 8.8.0.0 or later
PowerProtect Data Domain 0 < 8.6.1.20 or later
PowerProtect Data Domain 0 < 8.3.1.40 or later