CVE-2026-22766
Published: 24 February 2026
Summary
CVE-2026-22766 is a high-severity Unrestricted Upload of File with Dangerous Type (CWE-434) vulnerability in Dell Wyse Management Suite. Its CVSS base score is 7.2 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 45.0% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 CM-7 (Least Functionality) and SI-10 (Information Input Validation).
Deeper analysis
CVE-2026-22766 is an Unrestricted Upload of File with Dangerous Type vulnerability (CWE-434) affecting Dell Wyse Management Suite (WMS) in versions prior to 5.5. This flaw allows unauthorized file uploads that could lead to remote code execution. The vulnerability received a CVSS v3.1 base score of 7.2 (AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H), indicating high severity due to its potential for significant impact on confidentiality, integrity, and availability.
A high-privileged attacker with remote network access can exploit this vulnerability with low complexity and no user interaction required. Successful exploitation enables remote code execution on the affected WMS server, potentially allowing full system compromise within the attacker's privilege scope.
Dell Security Advisory DSA-2026-103, available at https://www.dell.com/support/kbdoc/en-us/000429141/dsa-2026-103, provides details on mitigation and patching instructions for this issue. Security practitioners should upgrade to WMS 5.5 or later to address the vulnerability.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-8559
Vulnerability details
Dell Wyse Management Suite, versions prior to WMS 5.5, contain an Unrestricted Upload of File with Dangerous Type vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Remote execution.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Unrestricted file upload (CWE-434) on public-facing WMS server directly enables web shell deployment for RCE via T1190 exploitation.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly enforces validation of uploaded file types and content to block dangerous files that enable RCE.
Restricts upload functionality and executable file types to the minimum required, eliminating the unrestricted upload vector.
Limits which privileged accounts can perform file-upload changes and enforces change-control checks on the WMS server.