CVE-2025-29312

Name of the Vulnerable Software and Affected Versions onos version 2.7.0

Description An issue in onos allows attackers to trigger unexpected behavior within a device connected to a legacy switch via changing the link type from indirect to direct.

Recommendations For onos version 2.7.0, consider restricting access to the legacy switch or temporarily disabling the link type change functionality until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.