CVE-2026-26944 - Vulnerability Analysis
HighCVSS: 8.8Last Updated: April 20, 2026
Dell PowerProtect Data Domain - Authentication Bypass & Remote Code Execution
Overview
Dell PowerProtect Data Domain 7.7.1.0 through 8.6, LTS2025 8.3.1.0 through 8.3.1.20, and LTS2024 7.13.1.0 through 7.13.1.60 contain a missing authentication for critical function vulnerability, letting unauthenticated remote attackers execute arbitrary commands with root privileges, exploit requires an authenticated user to perform a specific action.
Severity & Score
Impact
Unauthenticated remote attackers can execute arbitrary commands with root privileges, leading to full system compromise.
Mitigation
Update to the latest available version beyond 8.6 or respective LTS versions.
Social Media Activity(2 posts)
š CVE-2026-26944 - High (8.8) Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain a missing authentication for critical function vulnerability. An unauthentic... š https://www.thehackerwire.com/vulnerability/CVE-2026-26944/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original post
š CVE-2026-26944 - High (8.8) Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain a missing authentication for critical function vulnerability. An unauthentic... š https://www.thehackerwire.com/vulnerability/CVE-2026-26944/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original postRelated Resources
Details
- CVE ID
- CVE-2026-26944
- Severity
- High
- CVSS Score
- 8.8
- Type
- broken_authentication
- Status
- unconfirmed
- EPSS
- 0.0%
- Social Posts
- 2
CWE
- CWE-306
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H