CVE-2025-26489

Medium CVSS: 6.5

Improper input validation in the Netconf service in Infinera MTC-9 allows remote authenticated users to crash the service and
reboot the appliance, thus causing a DoS condition, via crafted XML
payloads.This issue affects MTC-9: from R22.1.1.0275 before R23.0.

Vendor

Nokia

Product

Infinera Mtc-9 Firmware

CWE

CWE-20

Yayın Tarihi

2025-12-08 09:15:46

Güncelleme

2025-12-22 18:55:55

Source Identifier

a6d3dc9e-0591-4a13-bce7-0f5b31ff6158

KEV Date Added

Kategoriler

CWE-20 Infinera Mtc-9 Firmware MEDIUM Nokia 2025

Referanslar

https://www.cve.org/CVERecord?id=CVE-2025-26489

Benzer Kayıtlar

High

CVE-2021-35486

A Cross-Site Request Forgery (CSRF) vulnerability in Nokia IMPACT through 19.11.2.10-20210118042150283 allows a remote a…

Low

CVE-2023-31044

An issue was discovered in Nokia Impact before Mobile 23_FP1. In Impact DM 19.11 onwards, a remote authenticated user, u…

Medium

CVE-2021-35483

The Applications component of Nokia IMPACT version through 19.11.2.10-20210118042150283 allows an authenticated user to…

High

CVE-2021-35484

Nokia IMPACT through 19.11.2.10-20210118042150283 allows an authenticated user to perform a Time-based Boolean Blind SQL…

High

CVE-2021-35485

The Applications component of Nokia IMPACT version through 19.11.2.10-20210118042150283 allows an authenticated user to…

Medium

CVE-2025-10258

Infinera DNA is vulnerable to a time-based SQL injection vulnerability due to insufficient input validation, which may r…