Server-Side Request Forgery in Infinera MTC-9
CVE-2025-26487

8.6HIGH

Key Information:

Vendor: Infinera
Status: Mtc-9
Vendor: CVE Published:; 8 December 2025

What is CVE-2025-26487?

A vulnerability within the Infinera MTC-9 product allows malicious actors to execute server-side request forgery (SSRF) attacks. Through SSRF, an attacker can manipulate the server to send unauthorized requests to internal or external resources, potentially leading to data breaches and unauthorized access. It is crucial for organizations utilizing the Infinera MTC-9 to implement necessary security measures to mitigate this risk and safeguard their systems from exploitation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

MTC-9 R22.1.1.0275

References

https://www.cvcn.gov.it/cvcn/cve/CVE-2025-26487

government-resource

CVSS V3.1

Score:

8.6

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Dec 8, 2025
Vulnerability Reserved
Feb 11, 2025

JSON

Infinera

What is CVE-2025-26487?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.