CVE-2020-5330

HIGH

Dell EMC Networking X-Series <3.0.1.2, PC5500 <4.1.0.22, PowerEdge VRTX Switch Modules <2.0.0.77 - Info Disclosure

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-5330. PoCs published by Ken Pyle.

AI-analyzed exploit summary This exploit targets an information disclosure vulnerability in Dell EMC Networking PC5500 firmware versions 4.1.0.22 and Cisco Sx / SMB devices. It retrieves SHA1 hashes of user passwords via API endpoints and attempts to crack them using a provided password file.

Description

Dell EMC Networking X-Series firmware versions 3.0.1.2 and older, Dell EMC Networking PC5500 firmware versions 4.1.0.22 and older and Dell EMC PowerEdge VRTX Switch Modules firmware versions 2.0.0.77 and older contain an information disclosure vulnerability. A remote unauthenticated attacker could exploit this vulnerability to retrieve sensitive data by sending a specially crafted request to the affected endpoints.

Exploits (1)

exploitdb WORKING POC

by Ken Pyle · pythonremotehardware

https://www.exploit-db.com/exploits/51248

View Code ZIP pw:eip

This exploit targets an information disclosure vulnerability in Dell EMC Networking PC5500 firmware versions 4.1.0.22 and Cisco Sx / SMB devices. It retrieves SHA1 hashes of user passwords via API endpoints and attempts to crack them using a provided password file.

Classification

Working Poc 90%

Attack Type

Info Leak

Complexity

Moderate

Reliability

Reliable

Target: Dell EMC Networking PC5500 firmware versions 4.1.0.22, Cisco Sx / SMB

No auth needed

Prerequisites: Network access to the target device · A password file for hash comparison

MITRE ATT&CK

T1552 - Unsecured Credentials T1110 - Brute Force

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Exploit, Third Party Advisory, VDB Entry

http://packetstormsecurity.com/files/171723/Cisco-Dell-Netgear-Information-Disclosure-Hash-Decrypter.html

Vendor Advisory

https://www.dell.com/support/article/en-us/sln320366/dsa-2020-042-dell-emc-networking-security-update-for-an-information-disclosure-vulnerability?lang=en

Scores

CVSS v3 8.1

EPSS 0.1294

EPSS Percentile 95.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-200

Status published

Products (5)

dell/pc5500_firmware < 4.1.0.22

dell/r1-2210_firmware < 3.0.1.2

dell/r1-2401_firmware < 3.0.1.2

dell/x1000_firmware < 2.0.0.77

dell/x4012_firmware < 2.0.0.77

Published Apr 10, 2020

Tracked Since Feb 18, 2026