CVE-2023-6729

Name of the Vulnerable Software and Affected Versions Nokia SR OS routers (affected versions not specified)

Description The issue allows low-privilege authenticated users with "access console" to gain read-write access to the entire file system via SFTP or SCP. This access enables them to read or replace the router configuration file and other files stored in the Compact Flash or SD card without using CLI commands, potentially leading to a compromise or denial of service of the router after a system reboot.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.