A path traversal vulnerability in the Dell EMC iDRAC technology can allow remote attackers to take over control of server operations. The vulnerability was fixed earlier in July, but researchers published a detailed analysis Tuesday. Dell has already released an update to the DRAC firmware that fixes the flaw and it recommends customers update as soon as possible. If exploited, the flaw can allow attackers to view content of server folders that should not be accessible even to someone who s logged in as an ordinary site user.
Source: https://threatpost.com/researchers-warn-of-high-severity-dell-poweredge-server-flaw/157795/