Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access to the system. This is a critical severity vulnerability as it allows an attacker to take complete control of system; so Dell recommends customers to upgrade at the earliest opportunity.
History

Mon, 13 Jul 2026 22:00:00 +0000

Type Values Removed Values Added
Title Remote Path Traversal in Dell PowerProtect Data Domain Enables System Compromise

Sun, 12 Jul 2026 15:45:00 +0000

Type Values Removed Values Added
Title Remote Path Traversal in Dell PowerProtect Data Domain Enables System Compromise

Sat, 11 Jul 2026 20:45:00 +0000

Type Values Removed Values Added
Title Path Traversal Vulnerability in Dell PowerProtect Data Domain Allows Remote Control

Fri, 10 Jul 2026 22:30:00 +0000

Type Values Removed Values Added
Title Path Traversal Vulnerability in Dell PowerProtect Data Domain Allows Remote Control

Fri, 10 Jul 2026 06:45:00 +0000

Type Values Removed Values Added
Title Critical Path Traversal Vulnerability in Dell PowerProtect Data Domain

Thu, 09 Jul 2026 16:45:00 +0000

Type Values Removed Values Added
Title Critical Path Traversal Vulnerability in Dell PowerProtect Data Domain

Wed, 08 Jul 2026 21:15:00 +0000

Type Values Removed Values Added
Title Untrusted Input Path Traversal in Dell PowerProtect Data Domain Enables Remote Control

Wed, 08 Jul 2026 05:00:00 +0000

Type Values Removed Values Added
Title Untrusted Input Path Traversal in Dell PowerProtect Data Domain Enables Remote Control

Tue, 07 Jul 2026 14:45:00 +0000

Type Values Removed Values Added
First Time appeared Dell
Dell powerprotect Data Domain
Vendors & Products Dell
Dell powerprotect Data Domain

Tue, 07 Jul 2026 14:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 07 Jul 2026 13:15:00 +0000

Type Values Removed Values Added
Description Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access to the system. This is a critical severity vulnerability as it allows an attacker to take complete control of system; so Dell recommends customers to upgrade at the earliest opportunity.
Weaknesses CWE-22
References
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: dell

Published: 2026-07-07T13:02:37.613Z

Updated: 2026-07-08T03:56:41.732Z

Reserved: 2026-06-09T17:04:35.250Z

Link: CVE-2026-53481

cve-icon Vulnrichment

Updated: 2026-07-07T13:21:12.500Z

cve-icon NVD

No data.

cve-icon Redhat

No data.