{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-27025", "assignerOrgId": "a6d3dc9e-0591-4a13-bce7-0f5b31ff6158", "state": "PUBLISHED", "assignerShortName": "ENISA", "dateReserved": "2025-02-18T06:59:55.889Z", "datePublished": "2025-07-02T09:52:05.812Z", "dateUpdated": "2025-07-02T13:07:42.554Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "G42", "vendor": "Infinera", "versions": [{"lessThan": "7.1", "status": "affected", "version": "6.1.3", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Agenzia per la Cybersicurezza Nazionale"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "The target device exposes a service on a specific TCP port with a configured\n endpoint. The access to that endpoint is granted using a <em>Basic Authentication</em>\n method. The endpoint accepts also the PUT method and it is possible to \nwrite files on the target device file system. Files are written as <em>root</em>.\n Using Postman it is possible to perform a Directory Traversal attack \nand write files into any location of the device file system. Similarly to the PUT method, it is possible to leverage the \nsame mechanism to read any file from the file system by using the GET \nmethod.\n\n\n<br>"}], "value": "The target device exposes a service on a specific TCP port with a configured\n endpoint. The access to that endpoint is granted using a Basic Authentication\n method. The endpoint accepts also the PUT method and it is possible to \nwrite files on the target device file system. Files are written as root.\n Using Postman it is possible to perform a Directory Traversal attack \nand write files into any location of the device file system. Similarly to the PUT method, it is possible to leverage the \nsame mechanism to read any file from the file system by using the GET \nmethod."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-280", "description": "CWE-280: Improper Handling of Insufficient Permissions or Privileges", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "a6d3dc9e-0591-4a13-bce7-0f5b31ff6158", "shortName": "ENISA", "dateUpdated": "2025-07-02T09:52:05.812Z"}, "references": [{"tags": ["government-resource"], "url": "https://www.cvcn.gov.it/cvcn/cve/CVE-2025-27025"}, {"tags": ["vdb-entry"], "url": "https://euvd.enisa.europa.eu/vulnerability/CVE-2025-27025"}], "source": {"discovery": "UNKNOWN"}, "title": "Improper File Access in Infinera G42", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-07-02T13:02:39.066954Z", "id": "CVE-2025-27025", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-02T13:07:42.554Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-27025", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-07-02T13:02:39.066954Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-02T13:06:41.865Z"}}], "cna": {"title": "Improper File Access in Infinera G42", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Agenzia per la Cybersicurezza Nazionale"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Infinera", "product": "G42", "versions": [{"status": "affected", "version": "6.1.3", "lessThan": "7.1", "versionType": "semver"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://www.cvcn.gov.it/cvcn/cve/CVE-2025-27025", "tags": ["government-resource"]}, {"url": "https://euvd.enisa.europa.eu/vulnerability/CVE-2025-27025", "tags": ["vdb-entry"]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "The target device exposes a service on a specific TCP port with a configured\n endpoint. The access to that endpoint is granted using a Basic Authentication\n method. The endpoint accepts also the PUT method and it is possible to \nwrite files on the target device file system. Files are written as root.\n Using Postman it is possible to perform a Directory Traversal attack \nand write files into any location of the device file system. Similarly to the PUT method, it is possible to leverage the \nsame mechanism to read any file from the file system by using the GET \nmethod.", "supportingMedia": [{"type": "text/html", "value": "The target device exposes a service on a specific TCP port with a configured\n endpoint. The access to that endpoint is granted using a <em>Basic Authentication</em>\n method. The endpoint accepts also the PUT method and it is possible to \nwrite files on the target device file system. Files are written as <em>root</em>.\n Using Postman it is possible to perform a Directory Traversal attack \nand write files into any location of the device file system. Similarly to the PUT method, it is possible to leverage the \nsame mechanism to read any file from the file system by using the GET \nmethod.\n\n\n<br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-280", "description": "CWE-280: Improper Handling of Insufficient Permissions or Privileges"}]}], "providerMetadata": {"orgId": "a6d3dc9e-0591-4a13-bce7-0f5b31ff6158", "shortName": "ENISA", "dateUpdated": "2025-07-02T09:52:05.812Z"}}}, "cveMetadata": {"cveId": "CVE-2025-27025", "state": "PUBLISHED", "dateUpdated": "2025-07-02T13:07:42.554Z", "dateReserved": "2025-02-18T06:59:55.889Z", "assignerOrgId": "a6d3dc9e-0591-4a13-bce7-0f5b31ff6158", "datePublished": "2025-07-02T09:52:05.812Z", "assignerShortName": "ENISA"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The target device exposes a service on a specific TCP port with a configured\n endpoint. The access to that endpoint is granted using a Basic Authentication\n method. The endpoint accepts also the PUT method and it is possible to \nwrite files on the target device file system. Files are written as root.\n Using Postman it is possible to perform a Directory Traversal attack \nand write files into any location of the device file system. Similarly to the PUT method, it is possible to leverage the \nsame mechanism to read any file from the file system by using the GET \nmethod."}, {"lang": "es", "value": "El dispositivo objetivo expone un servicio en un puerto TCP espec\u00edfico con un endpoint configurado. El acceso a dicho endpoint se otorga mediante un m\u00e9todo de autenticaci\u00f3n b\u00e1sica. El endpoint tambi\u00e9n acepta el m\u00e9todo PUT y permite escribir archivos en el sistema de archivos del dispositivo objetivo. Los archivos se escriben como root. Con Postman, es posible realizar un ataque de Directory Traversal y escribir archivos en cualquier ubicaci\u00f3n del sistema de archivos del dispositivo. De forma similar al m\u00e9todo PUT, es posible utilizar el mismo mecanismo para leer cualquier archivo del sistema de archivos mediante el m\u00e9todo GET."}], "id": "CVE-2025-27025", "lastModified": "2025-07-03T15:13:53.147", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "a6d3dc9e-0591-4a13-bce7-0f5b31ff6158", "type": "Secondary"}]}, "published": "2025-07-02T10:15:22.880", "references": [{"source": "a6d3dc9e-0591-4a13-bce7-0f5b31ff6158", "url": "https://euvd.enisa.europa.eu/vulnerability/CVE-2025-27025"}, {"source": "a6d3dc9e-0591-4a13-bce7-0f5b31ff6158", "url": "https://www.cvcn.gov.it/cvcn/cve/CVE-2025-27025"}], "sourceIdentifier": "a6d3dc9e-0591-4a13-bce7-0f5b31ff6158", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-280"}], "source": "a6d3dc9e-0591-4a13-bce7-0f5b31ff6158", "type": "Secondary"}]}

{}