VYPR
High severity7.3NVD Advisory· Published Oct 17, 2024· Updated Apr 15, 2026

CVE-2023-6729

CVE-2023-6729

Description

Nokia SR OS routers allow read-write access to the entire file system via SFTP or SCP for users configured with "access console." Consequently, a low privilege authenticated user with "access console" can read or replace the router configuration file as well as other files stored in the Compact Flash or SD card without using CLI commands. This type of attack can lead to a compromise or denial of service of the router after the system is rebooted.

Affected products

1

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.