Severity by source
AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
4DescriptionCVE.org
A missing double-check feature in the WebGUI for CLI deactivation in Infinera G42 version R6.1.3 allows an authenticated administrator to make other management interfaces unavailable via local and network interfaces. The CLI deactivation via the WebGUI does not only stop CLI interface but deactivates also Linux Shell, WebGUI and Physical Serial Console access. No confirmation is asked at deactivation time. Loosing access to these services device administrators are at risk of completely loosing device control.
AnalysisAI
A security vulnerability in the WebGUI for CLI deactivation in Infinera G42 (CVSS 4.9) that allows an authenticated administrator. Remediation should follow standard vulnerability management procedures.
Technical ContextAI
Vulnerability type not specified by vendor. Affects the WebGUI for CLI deactivation in Infinera G42.
RemediationAI
Monitor vendor channels for patch availability.
More in G42 Firmware
View allA path traversal vulnerability of the WebGUI HTTP endpoint in Infinera G42 version R6.1.3 allows remote authenticated u
The misconfiguration in the sudoers configuration of the operating system in Infinera G42 version R6.1.3 allows low pri
Lack or insufficent input validation in WebGUI CLI web in Infinera G42 version R6.1.3 allows remote authenticated users
A security vulnerability in SFTP service in Infinera G42 (CVSS 6.5) that allows remote authenticated users. Remediation
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-19724