PT-2025-49542 · Infinera · Infinera Mtc-9
Published
2025-12-08
·
Updated
2025-12-22
·
CVE-2025-27020
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Infinera MTC-9 versions R22.1.1.0275 through R22.9.9
Description
An improper configuration of the SSH service in Infinera MTC-9 can allow an unauthenticated attacker to execute arbitrary commands and access data on the file system. The issue allows for unauthorized command execution due to the misconfigured SSH service.
Recommendations
Upgrade to version R23.0 or later.
Restrict SSH access until the system is updated.
Fix
Missing Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Infinera Mtc-9