Infinera MTC-9 Improper Input Validation in Netconf Service Leading to Denial-of-Service

Vulnerability

A denial-of-service vulnerability has been identified in the Netconf service of Infinera MTC-9, specifically in versions from R22.1.1.0275 prior to R23.0. This vulnerability allows remote authenticated users to cause the service to crash and reboot the appliance by sending crafted XML payloads, thereby creating a DoS condition.

Impact

Exploitation of this vulnerability causes the Netconf service to crash and the appliance to reboot, leading to a denial-of-service condition.

Added: Dec 8, 2025, 9:22 AM

Updated: Dec 8, 2025, 2:19 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

5.2

remediation

0.0

relevance

1.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

5.2

remediation

0.0

relevance

1.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Infinera MTC-9 Improper Input Validation in Netconf Service Leading to Denial-of-Service

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating