RETIRED: Dell iDRAC6 CVE-2015-7274 Arbitrary Command Execution Vulnerability

Dell iDRAC6 is prone to a vulnerability that let attackers execute arbitrary commands.

Successful exploits will allow attackers to execute arbitrary commands in the context of the affected application. This may further aid in other attacks.

Versions prior to Dell iDRAC6 2.80 are vulnerable.

NOTE: This BID is being retired as it is a duplicate of BID 97546 (Dell iDRAC6 CVE-2015-7274 Arbitrary Command Execution Vulnerability).

Information

Bugtraq ID: 97545
Class: Input Validation Error
CVE:
Remote: Yes
Local: No
Published: Apr 09 2017 12:00AM
Updated: Apr 11 2017 04:02PM
Credit: The vendor reported this issue.
Vulnerable: Dell iDRAC6 1.95
Dell iDRAC6 1.7
Dell iDRAC6 1.41

Not Vulnerable: Dell iDRAC6 2.80

References:

• iDRAC6 Homepage (Dell)
  

Source: www.securityfocus.com