CVE-2025-24381HIGH 8.8EPSS p66.8%

CVE-2025-24381CVE-2025-24381

Description

Dell Unity, version(s) 5.4 and prior, contain(s) an URL Redirection to Untrusted Site ('Open Redirect') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to a targeted application user being redirected to arbitrary web URLs. The vulnerability could be leveraged by attackers to conduct phishing attacks that cause users to divulge sensitive information. Exploitation may allow for session theft.

Scoring

CVSS 3.18.8 (HIGH)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS1.30% probability of exploitation · percentile 66.8% · 2026-06-18T12:00:27Z
Published2025-03-28
Last modified2025-07-08

Underlying weaknesses· 1

CWE-601

References

  1. https://www.dell.com/support/kbdoc/en-us/000300090/dsa-2025-116-security-update-for-dell-unity-dell-unityvsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities

1

TypeTargetConfidenceTier
WeaknessURL Redirection to Untrusted Site ('Open Redirect')cwe-6010%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-26483
CVE
CVE-2025-36604
CVE
CVE-2025-24383
CVE
CVE-2025-22398
CVE
CVE-2025-0608
CVE
CVE-2026-28301
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.