How to fix EUVD-2025-19724?

Within 30 days: Identify affected systems running the WebGUI for CLI deactivation in Infinera G42 and apply vendor patches as part of regular patch cycle. Monitor vendor channels for patch availability.

Is G42 Firmware affected by EUVD-2025-19724?

Organizations using the WebGUI for CLI deactivation in Infinera G42 should be aware of moderate risk from CVE-2025-27026 rated CVSS 4.9. Exploitation could compromise the security of affected deployments. Organizations should apply vendor updates when available and monitor for exploitation.

EUVD-2025-19724

| CVE-2025-27026 MEDIUM

2025-07-02 a6d3dc9e-0591-4a13-bce7-0f5b31ff6158

4.9

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 16, 2026 - 01:55 vuln.today

EUVD ID Assigned

Mar 16, 2026 - 01:55 euvd

EUVD-2025-19724

CVE Published

Jul 02, 2025 - 14:15 nvd

MEDIUM 4.9

Description

A missing double-check feature in the WebGUI for CLI deactivation in Infinera G42 version R6.1.3 allows an authenticated administrator to make other management interfaces unavailable via local and network interfaces. The CLI deactivation via the WebGUI does not only stop CLI interface but deactivates also Linux Shell, WebGUI and Physical Serial Console access. No confirmation is asked at deactivation time. Loosing access to these services device administrators are at risk of completely loosing device control.

Analysis

A security vulnerability in the WebGUI for CLI deactivation in Infinera G42 (CVSS 4.9) that allows an authenticated administrator. Remediation should follow standard vulnerability management procedures.

Technical Context

Vulnerability type not specified by vendor. Affects the WebGUI for CLI deactivation in Infinera G42.

Affected Products

['the WebGUI for CLI deactivation in Infinera G42']

Remediation

Monitor vendor channels for patch availability.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.1

CVSS: +24

POC: 0

EUVD-2025-19724 vulnerability details – vuln.today

Back

EUVD-2025-19724

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

EUVD-2025-19724

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

External POC / Exploit Code