Infinera G42 WebGUI CLI Deactivation Access Control Vulnerability

Vulnerability

A vulnerability in Infinera G42 version R6.1.3 allows authenticated administrators to disable the Command Line Interface (CLI) and other management interfaces, such as the Linux Shell, WebGUI, and Physical Serial Console, without any confirmation. This lack of a double-check feature in the WebGUI for CLI deactivation can lead to a complete loss of control over the device, as the deactivation affects all mentioned interfaces and no confirmation is requested at the time of deactivation.

Impact

Disabling the CLI and other management interfaces can result in a total loss of control over the device, leaving administrators unable to manage or configure the device through standard channels.

Added: Jul 2, 2025, 2:27 PM

Updated: Jul 2, 2025, 2:27 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

4.8

remediation

0.0

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

4.8

remediation

0.0

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Infinera G42 WebGUI CLI Deactivation Access Control Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating