CVE-2025-26487

High CVSS: 8.6

Server-Side Request Forgery (SSRF) vulnerability in Infinera MTC-9 version allows
remote unauthenticated users to gain access to other network resources
using HTTPS requests through the appliance used as a bridge.

Vendor

Nokia

Product

Infinera Mtc-9 Firmware

CWE

CWE-918

Yayın Tarihi

2025-12-08 09:15:46

Güncelleme

2025-12-22 18:56:07

Source Identifier

a6d3dc9e-0591-4a13-bce7-0f5b31ff6158

KEV Date Added

Kategoriler

CWE-918 Infinera Mtc-9 Firmware HIGH Nokia 2025

Referanslar

https://www.cvcn.gov.it/cvcn/cve/CVE-2025-26487

Benzer Kayıtlar

High

CVE-2021-35486

A Cross-Site Request Forgery (CSRF) vulnerability in Nokia IMPACT through 19.11.2.10-20210118042150283 allows a remote a…

Low

CVE-2023-31044

An issue was discovered in Nokia Impact before Mobile 23_FP1. In Impact DM 19.11 onwards, a remote authenticated user, u…

Medium

CVE-2021-35483

The Applications component of Nokia IMPACT version through 19.11.2.10-20210118042150283 allows an authenticated user to…

High

CVE-2021-35484

Nokia IMPACT through 19.11.2.10-20210118042150283 allows an authenticated user to perform a Time-based Boolean Blind SQL…

High

CVE-2021-35485

The Applications component of Nokia IMPACT version through 19.11.2.10-20210118042150283 allows an authenticated user to…

Medium

CVE-2025-10258

Infinera DNA is vulnerable to a time-based SQL injection vulnerability due to insufficient input validation, which may r…