CVE-2025-46363 MEDIUM

CVE-2025-46363

Vendor Dell
Product Secure Connect Gateway SCG 5.0 Application and Appliance
Weakness CWE-23
Published October 30, 2025
Last update October 30, 2025

CVSS base score

4.3/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

What the vulnerability does

01Description

Dell Secure Connect Gateway (SCG) 5.0 Application and Appliance version(s) 5.26.00.00 - 5.30.00.00, contain a Relative Path Traversal vulnerability in the SCG exposed for an internal collection download REST API (if this REST API is enabled by Admin user from UI). A low privileged attacker with remote access could potentially exploit this vulnerability, leading to allowing relative path traversal to restricted resources.

Key dates

02Disclosure timeline

October 30, 2025 CVE published
October 30, 2025 Record updated