Nokia Infinera_mtc-9_firmware
5 CVEs affecting Nokia Infinera_mtc-9_firmware. Latest disclosed: 2025-12-08. Critical: 2, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-27020 | Critical | 9.8 | 2025-12-08 | Improper configuration of the SSH service in Infinera MTC-9 allows an unauthenticated attacker to execute arbitrary commands and access data on file system . … |
CVE-2025-27019 | Critical | 9.8 | 2025-12-08 | Remote shell service (RSH) in Infinera MTC-9 version R22.1.1.0275 allows an attacker to utilize password-less user accounts and obtain system access by activ… |
CVE-2025-26487 | High | 8.6 | 2025-12-08 | Server-Side Request Forgery (SSRF) vulnerability in Infinera MTC-9 version allows remote unauthenticated users to gain access to other network resources usin… |
CVE-2025-26488 | High | 7.5 | 2025-12-08 | Improper Input Validation vulnerability in Infinera MTC-9 allows remote unauthenticated users to crash the service and cause a reboot of the appliance, thus c… |
CVE-2025-26489 | Medium | 6.5 | 2025-12-08 | Improper input validation in the Netconf service in Infinera MTC-9 allows remote authenticated users to crash the service and reboot the appliance, thus causi… |