CVE-2025-26488

EPSS 0.08%
Veröffentlicht 08.12.2025 08:52:47
Zuletzt bearbeitet 22.12.2025 18:56:00
Quelle a6d3dc9e-0591-4a13-bce7-0f5b31
CVE-Watchlists
Login
Unerledigt
Login

Improper Input Validation vulnerability in Infinera MTC-9 allows remote unauthenticated users to crash the service and cause a 
reboot of the appliance, thus causing a DoS condition, via crafted XML 
payloads.This issue affects MTC-9: from R22.1.1.0275 before R23.0.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Nokia ≫ Infinera Mtc-9 Firmware Version >= 22.1.1.0275 < 23.0

Nokia ≫ Infinera Mtc-9 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.08%	0.229

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
a6d3dc9e-0591-4a13-bce7-0f5b31ff6158	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

https://www.cvcn.gov.it/cvcn/cve/CVE-2025-26488

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2025-26488

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-26488

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-26488

EUVD