Unrated severityNVD Advisory· Published Jul 2, 2025· Updated Jul 2, 2025
Improper File Access in Infinera G42
CVE-2025-27024
Description
Unrestricted access to OS file system in SFTP service in Infinera G42 version R6.1.3 allows remote authenticated users to read/write OS files via SFTP connections.
Details: Account members of the Network Administrator profile can access the target machine via SFTP with the same credentials used for SSH CLI access and are able to read all files according to the OS permission instead of remaining inside the chrooted directory position.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
2- euvd.enisa.europa.eu/vulnerability/CVE-2025-27024mitrevdb-entry
- www.cvcn.gov.it/cvcn/cve/CVE-2025-27024mitregovernment-resource
News mentions
0No linked articles in our index yet.