Arbitrary File Overwrite using less command
Description
System files could be overwritten using the less command in Brocade Fabric OS before Brocade Fabric OS v9.1.1c and v9.2.0.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
System files can be overwritten via the less command in Brocade Fabric OS before v9.1.1c and v9.2.0.
Vulnerability
An arbitrary file overwrite vulnerability exists in the less command of Brocade Fabric OS versions prior to v9.1.1c and v9.2.0 [1]. An authenticated local attacker with low privileges can exploit this flaw to overwrite system files, potentially leading to denial of service or privilege escalation [1].
Exploitation
An attacker must have local access to the Brocade Fabric OS command-line interface with a low-privileged account [1]. The attacker can then invoke the less command in a way that causes the overwrite of arbitrary system files [1]. No user interaction beyond the attacker's own actions is required.
Impact
Successful exploitation allows the attacker to overwrite system files, which can result in a denial of service (affecting availability) or a high impact on integrity [1]. The attacker does not gain direct access to confidential information, but the overwrite could compromise the system's operation and security [1].
Mitigation
The vulnerability is fixed in Brocade Fabric OS versions v9.1.1c and v9.2.0 [1]. Administrators should upgrade to these or later versions. No workarounds are mentioned in the available references [1].
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Range: <9.1.1c
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2News mentions
0No linked articles in our index yet.