Authentication Bypass in Ciena Products Affecting Default SFTP Server
CVE-2026-5268
Currently unrated
What is CVE-2026-5268?
An authentication bypass vulnerability has been identified in the default SFTP server component used in various Ciena products. This flaw enables remote, unauthenticated attackers to circumvent security measures, potentially granting them unauthorized access to the underlying filesystem. If successfully exploited, this vulnerability may allow attackers to read or modify crucial system files, posing significant risks to data integrity and confidentiality.
Affected Version(s)
6500 S-Series R16.96 and prior
6500 T-Series R16.1 and prior
CPL R12.63 and prior
