CVE ID : CVE-2025-27024
Published : July 2, 2025, 10:15 a.m. | 1 hour, 28 minutes ago
Description : Unrestricted access to OS file system in SFTP service in Infinera G42
version R6.1.3 allows remote authenticated users to read/write OS files
via SFTP connections.
Details: Account members of the Network Administrator profile can access the
target machine via SFTP with the same credentials used for SSH CLI
access and are able to read all files according to the OS permission instead of remaining inside the chrooted directory position.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
Source: Read More