{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-01T18:22:34.077","vulnerabilities":[{"cve":{"id":"CVE-2025-27026","sourceIdentifier":"a6d3dc9e-0591-4a13-bce7-0f5b31ff6158","published":"2025-07-02T14:15:23.900","lastModified":"2026-02-11T21:20:38.777","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A missing double-check feature in the WebGUI for CLI deactivation in Infinera G42 \nversion R6.1.3 allows an authenticated administrator to make other \nmanagement interfaces unavailable via local and network interfaces. The CLI deactivation via the WebGUI does not only stop CLI interface but deactivates also Linux Shell, WebGUI and Physical Serial Console access. No \nconfirmation is asked at deactivation time. Loosing access to these services device administrators are at risk of completely loosing device control."},{"lang":"es","value":"La ausencia de una función de doble verificación en la interfaz web para la desactivación de la CLI en Infinera G42 versión R6.1.3 permite a un administrador autenticado desactivar otras interfaces de administración a través de interfaces locales y de red. La desactivación de la CLI mediante la interfaz web no solo detiene la interfaz, sino que también desactiva el acceso a Linux Shell, la interfaz web y la consola serie física. No se solicita confirmación al desactivarla. Al perder el acceso a estos servicios, los administradores de dispositivos corren el riesgo de perder completamente el control del dispositivo."}],"metrics":{"cvssMetricV31":[{"source":"a6d3dc9e-0591-4a13-bce7-0f5b31ff6158","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","baseScore":4.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":3.6}]},"weaknesses":[{"source":"a6d3dc9e-0591-4a13-bce7-0f5b31ff6158","type":"Secondary","description":[{"lang":"en","value":"CWE-1220"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:nokia:g42_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"6.1.3","versionEndExcluding":"8.0","matchCriteriaId":"F3DC0C26-02A8-48FA-9CFE-CA540AA5106B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:nokia:g42:-:*:*:*:*:*:*:*","matchCriteriaId":"631A98C4-038C-40FA-A9AC-0A6155EDB9F5"}]}]}],"references":[{"url":"https://euvd.enisa.europa.eu/vulnerability/CVE-2025-27026","source":"a6d3dc9e-0591-4a13-bce7-0f5b31ff6158","tags":["Third Party Advisory"]},{"url":"https://www.cvcn.gov.it/cvcn/cve/CVE-2025-27026","source":"a6d3dc9e-0591-4a13-bce7-0f5b31ff6158","tags":["Third Party Advisory"]}]}}]}