Infinera MTC-9 SSH Command Execution Vulnerability

Vulnerability

A vulnerability exists in Infinera MTC-9 versions R22.1.1.0275 prior to R23.0 due to improper SSH service configuration. This misconfiguration allows unauthenticated attackers to execute arbitrary commands and access filesystem data via SSH. The issue arises from specific password-less users being able to perform actions not intended for system command-line interface logins.

Impact

Exploitation of this vulnerability could lead to unauthorized command execution and unauthorized access to filesystem data.

Added: Dec 8, 2025, 10:17 AM

Updated: Dec 8, 2025, 10:17 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

7.4

remediation

0.0

relevance

1.3

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

7.4

remediation

0.0

relevance

1.3

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Infinera MTC-9 SSH Command Execution Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating