CVE-2025-27022 – Infinera G42 WebGUI HTTP Endpoint Path Traversal Vulnerability

CVE ID : CVE-2025-27022

Published : July 2, 2025, 9:15 a.m. | 1 hour, 36 minutes ago

Description : A path traversal vulnerability of the WebGUI HTTP endpoint in Infinera G42 version R6.1.3
allows remote authenticated users to download all OS files via HTTP
requests.

Details:

Lack or insufficient validation of user-supplied input allows
authenticated users to access all files on the target machine file
system that are readable to the user account used to run the httpd
service.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

نوشته های مشابه

Multiple vulnerabilities in Trend Micro Password Manager for Windows (CVE-2025-48443, CVE-2025-52837)

CVE-2025-34075 – Vagrant Virtual Machine Escape via Ruby Code Injection

CVE-2025-34076 – Microweber CMS Local File Inclusion Vulnerability

CVE-2025-34078 – NSClient++ Privilege Escalation (Local)