CVE-2025-27026
- EPSS 0.07%
- Veröffentlicht 02.07.2025 13:42:42
- Zuletzt bearbeitet 11.02.2026 21:20:38
A missing double-check feature in the WebGUI for CLI deactivation in Infinera G42 version R6.1.3 allows an authenticated administrator to make other management interfaces unavailable via local and network interfaces. The CLI deactivation via the We...
CVE-2025-27024
- EPSS 0.08%
- Veröffentlicht 02.07.2025 09:38:32
- Zuletzt bearbeitet 11.02.2026 21:28:14
Unrestricted access to OS file system in SFTP service in Infinera G42 version R6.1.3 allows remote authenticated users to read/write OS files via SFTP connections. Details: Account members of the Network Administrator profile can access the targ...
CVE-2025-27023
- EPSS 0.28%
- Veröffentlicht 02.07.2025 09:07:06
- Zuletzt bearbeitet 11.02.2026 21:31:06
Lack or insufficent input validation in WebGUI CLI web in Infinera G42 version R6.1.3 allows remote authenticated users to read all OS files via crafted CLI commands. Details: The web interface based management of the Infinera G42 appliance enabl...
CVE-2025-27022
- EPSS 0.08%
- Veröffentlicht 02.07.2025 08:52:54
- Zuletzt bearbeitet 11.02.2026 21:31:52
A path traversal vulnerability of the WebGUI HTTP endpoint in Infinera G42 version R6.1.3 allows remote authenticated users to download all OS files via HTTP requests. Details: Lack or insufficient validation of user-supplied input allows auth...
CVE-2025-27021
- EPSS 0.02%
- Veröffentlicht 02.07.2025 08:45:05
- Zuletzt bearbeitet 11.02.2026 21:37:46
The misconfiguration in the sudoers configuration of the operating system in Infinera G42 version R6.1.3 allows low privileged OS users to read/write physical memory via devmem command line tool. This could allow sensitive information disclosure,...