CVE-2025-27020
- EPSS 0.17%
- Veröffentlicht 08.12.2025 09:26:27
- Zuletzt bearbeitet 22.12.2025 18:55:35
Improper configuration of the SSH service in Infinera MTC-9 allows an unauthenticated attacker to execute arbitrary commands and access data on file system . This issue affects MTC-9: from R22.1.1.0275 before R23.0.
CVE-2025-27019
- EPSS 0.06%
- Veröffentlicht 08.12.2025 09:22:19
- Zuletzt bearbeitet 22.12.2025 18:55:45
Remote shell service (RSH) in Infinera MTC-9 version R22.1.1.0275 allows an attacker to utilize password-less user accounts and obtain system access by activating a reverse shell.This issue affects MTC-9: from R22.1.1.0275 before R23.0.
CVE-2025-26489
- EPSS 0.13%
- Veröffentlicht 08.12.2025 08:56:12
- Zuletzt bearbeitet 22.12.2025 18:55:55
Improper input validation in the Netconf service in Infinera MTC-9 allows remote authenticated users to crash the service and reboot the appliance, thus causing a DoS condition, via crafted XML payloads.This issue affects MTC-9: from R22.1.1.0275 b...
CVE-2025-26488
- EPSS 0.08%
- Veröffentlicht 08.12.2025 08:52:47
- Zuletzt bearbeitet 22.12.2025 18:56:00
Improper Input Validation vulnerability in Infinera MTC-9 allows remote unauthenticated users to crash the service and cause a reboot of the appliance, thus causing a DoS condition, via crafted XML payloads.This issue affects MTC-9: from R22.1.1.02...
CVE-2025-26487
- EPSS 0.05%
- Veröffentlicht 08.12.2025 08:44:34
- Zuletzt bearbeitet 22.12.2025 18:56:07
Server-Side Request Forgery (SSRF) vulnerability in Infinera MTC-9 version allows remote unauthenticated users to gain access to other network resources using HTTPS requests through the appliance used as a bridge.