Nokia Infinera Mtc-9 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Nokia Infinera Mtc-9 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2025-27019 — CVSS 9.8 (critical): Remote shell service (RSH) in Infinera MTC-9 version R22.1.1.0275 allows an attacker to utilize password-less user accounts and obtain…
CVE-2025-27020 — CVSS 9.8 (critical): Improper configuration of the SSH service in Infinera MTC-9 allows an unauthenticated attacker to execute arbitrary commands and access…
CVE-2025-26487 — CVSS 8.6 (high): Server-Side Request Forgery (SSRF) vulnerability in Infinera MTC-9 version allows remote unauthenticated users to gain access to other…
CVE-2025-26488 — CVSS 7.5 (high): Improper Input Validation vulnerability in Infinera MTC-9 allows remote unauthenticated users to crash the service and cause a reboot of…
CVE-2025-26489 — CVSS 6.5 (medium): Improper input validation in the Netconf service in Infinera MTC-9 allows remote authenticated users to crash the service and reboot the…