Infinera G42 SFTP Service OS File System Access Vulnerability

Vulnerability

A vulnerability in the SFTP service of Infinera G42 version R6.1.3 allows remote authenticated users to read and write operating system files. This unrestricted access is granted through SFTP connections, using the same credentials as SSH command-line interface access. Users with Network Administrator profile can bypass the chrooted directory restriction and access files according to OS permissions.

Impact

Exploitation of this vulnerability could lead to unauthorized access and modification of OS files, potentially allowing for further exploitation or disruption of the system.

Added: Jul 2, 2025, 10:25 AM

Updated: Jul 2, 2025, 10:25 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

5.2

remediation

0.0

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

5.2

remediation

0.0

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Infinera G42 SFTP Service OS File System Access Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating