CRITICAL🇵🇱 Wersja polska

CVE-2025-27019

CVSS 9.8v3.1pub. 2025-12-08upd. 2025-12-22

Remote shell service (RSH) in Infinera MTC-9 version R22.1.1.0275 allows an attacker to utilize password-less user accounts and obtain system access by activating a reverse shell.This issue affects MTC-9: from R22.1.1.0275 before R23.0.

🤖 AI Analysis
How it works

The RSH service in Infinera MTC-9 firmware versions from R22.1.1.0275 to R23.0 does not require authentication (CWE-306 — lack of access control mechanism). An attacker can use user accounts without passwords to connect to the RSH service without providing credentials. Subsequently, by activating reverse shell, they gain interactive access to the system shell on the targeted device. The entire attack can be conducted remotely over the network without any prior authorization.

Impact

An attacker gains full, unauthorized access to the device's operating system, allowing for reading confidential configuration data, modifying settings, disrupting network device operation, and potential lateral movement within the network.

Mitigation & patch

Update Nokia Infinera MTC-9 firmware to version R23.0 or newer. Additionally, it is recommended to disable or restrict access to the RSH service at the network level (firewall, network segmentation) until the patch is deployed. Review and secure or remove user accounts without passwords.

Who is affected

Nokia Infinera MTC-9 with firmware version from R22.1.1.0275 to (but not including) R23.0

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Nokia Infinera Mtc 9

    HW
    Nokia
    wszystkie wersje
  • Nokia Infinera Mtc 9 Firmware

    OS
    Nokia
    22.1.1.0275 – 23.0 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2025-27020CRITICAL9.8PL ✓ten sam produkt

Pominięcie uwierzytelnienia SSH w Nokia Infinera MTC-9 umożliwia RCE

CVE-2025-26487HIGH8.6ten sam produkt

Server-Side Request Forgery (SSRF) vulnerability in Infinera MTC-9 version allows remote unauthenticated user...

CVE-2025-26488HIGH7.5ten sam produkt

Improper Input Validation vulnerability in Infinera MTC-9 allows remote unauthenticated users to crash the ser...

CVE-2025-26489MEDIUM6.5ten sam produkt

Improper input validation in the Netconf service in Infinera MTC-9 allows remote authenticated users to crash ...

CVE-2025-24936CRITICAL9.0PL ✓ten sam vendor

Command injection w Nokia Wavesuite NOC — RCE przez aplikację webową