PT-2025-27619 · Infinera · Infinera G42

Published: 2025-07-02 · Updated: 2025-07-03 · CVE-2025-27024

CVSS v2.0: 6.8 (Medium)

Vector: AV:N/AC:L/Au:S/C:C/I:N/A:N
Name of the Vulnerable Software and Affected Versions: Infinera G42 version R6.1.3
Description: The issue allows remote authenticated users to read and write OS files via SFTP connections. Accounts with the Network Administrator profile can access the target machine via SFTP using the same credentials used for SSH CLI access, and can read all files that OS permissions allow instead of being confined to the chrooted directory.
Recommendations: For Infinera G42 version R6.1.3, consider restricting SFTP access to only the users who need it and implementing additional access controls that limit file system access according to the principle of least privilege. As a temporary workaround, consider disabling SFTP connections for users with the Network Administrator profile until a patch is available. Restrict access to sensitive OS files and directories to minimize the risk of exploitation.

Fix

RCE

Weakness Enumeration

Related Identifiers

BDU:2025-08693
CVE-2025-27024

Affected Products

Infinera G42