📦

infinera_mtc-9

Vendor: nokia

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 0 Remote Access

Total CVEs 10 Total Indexed

Avg. EPSS 0.11% Exploit Prob.

Latest CVE CVE-2025-27020 Dec 08

Security Vulnerability Index

Page 1 / 1

9.8 CVSS

CVE-2025-27020

Improper configuration of the SSH service in Infinera MTC-9 allows an unauthenticated attacker to execute arbitrary commands and access data on file system . This issue affects MTC-9: from R22.1.1.0275 before R23.0.

EPSS: 0.22%

Severity: CRITICAL

Dec 08, 2025

9.8 CVSS

CVE-2025-27019

Remote shell service (RSH) in Infinera MTC-9 version R22.1.1.0275 allows an attacker to utilize password-less user accounts and obtain system access by activating a reverse shell.This issue affects MTC-9: from R22.1.1.0275 before R23.0.

EPSS: 0.06%

Severity: CRITICAL

Dec 08, 2025

6.5 CVSS

CVE-2025-26489

Improper input validation in the Netconf service in Infinera MTC-9 allows remote authenticated users to crash the service and reboot the appliance, thus causing a DoS condition, via crafted XML payloads.This issue affects MTC-9: from R22.1.1.0275 before R23.0.

EPSS: 0.15%

Severity: MEDIUM

Dec 08, 2025

7.5 CVSS

CVE-2025-26488

Improper Input Validation vulnerability in Infinera MTC-9 allows remote unauthenticated users to crash the service and cause a reboot of the appliance, thus causing a DoS condition, via crafted XML payloads.This issue affects MTC-9: from R22.1.1.0275 before R23.0.

EPSS: 0.08%

Severity: HIGH

Dec 08, 2025

8.6 CVSS

CVE-2025-26487

Server-Side Request Forgery (SSRF) vulnerability in Infinera MTC-9 version allows remote unauthenticated users to gain access to other network resources using HTTPS requests through the appliance used as a bridge.

EPSS: 0.04%

Severity: HIGH

Dec 08, 2025

Displaying 5 of 10 Total Entries

Total 1 Sections