HIGH SeverityCVSS 3.18.1CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2025-9661

Last updated May 07, 2026 · Published May 07, 2026

Description

OS command injection vulneravility in the management gui (maintenance utility) of Hitachi Virtual Storage Platform One Block 23, 24, 26 and 28. This issue affects Hitachi Virtual Storage Platform One Block 23/24/26/28: before DKCMAIN A3-04-21-40/00, ESM A3-04-21/00.

Affected products

1 listed

Hitachi:Hitachi Virtual Storage Platform One Block 23; Hitachi:Hitachi Virtual Storage Platform One Block 24; Hitachi:Hitachi Virtual Storage Platform One Block 26; Hitachi:Hitachi Virtual Storage Platform One Block 28

Mappings

CWE

CWE-78

CAPEC

CAPEC-88

Research

Command injection: how it works and how to prevent itCommand injection happens when untrusted input reaches a shell or process spawn. Avoid the shell, pass…

Training

Injection TodaySQL, NoSQL, ORM, and LLM injection - what's changed and what hasn't.

CVE-2025-9661

Description

Affected products

Mappings

Related