Dell ThinOS 2411 and prior, contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary code execution.
2025-03-07T08:15:43.040
2025-07-01T15:08:21.283
Analyzed
CVSSv3.1: 7.8 (HIGH)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | dell | thinos | ≤ 2411 | Yes |
| Hardware | dell | latitude_3420 | - | No |
| Hardware | dell | latitude_3440 | - | No |
| Hardware | dell | latitude_5440 | - | No |
| Hardware | dell | latitude_5450 | - | No |
| Hardware | dell | optiplex_3000_thin_client | - | No |
| Hardware | dell | optiplex_5400_all-in-one | - | No |
| Hardware | dell | optiplex_7410_all-in-one | - | No |
| Hardware | dell | optiplex_7420_all-in-one | - | No |
| Hardware | dell | wyse_5070_thin_client | - | No |
| Hardware | dell | wyse_5470_all-in-one_thin_client | - | No |
| Hardware | dell | wyse_5470_mobile_thin_client | - | No |