Vulnerability in Infinera G42
CVE-2025-27026
A missing double-check feature in the WebGUI for CLI deactivation in Infinera G42 version R6.1.3 allows an authenticated administrator to make other management interfaces unavailable via local and network interfaces. The CLI deactivation…
EPSS: 0.003 (25.3th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 4.9 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H.
Affected products
- Infinera G42 — versions 6.1.3
- Nokia G42
- Nokia G42_firmware
Weakness classification (CWE)
References
- a6d3dc9e-0591-4a13-bce7-0f5b31ff6158 (Third Party Advisory, government-resource)
- a6d3dc9e-0591-4a13-bce7-0f5b31ff6158 (Third Party Advisory, vdb-entry)
Frequently asked questions
- What is CVE-2025-27026?
- CVE-2025-27026 is a medium-severity vulnerability in Infinera G42, classified under CWE-1220. CVSS score: 4.9/10. Published 2025-07-02.
- How severe is CVE-2025-27026?
- Medium severity. CVSS v3 base score is 4.9 out of 10.