Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-25660

The WebDAV service in Infinera TNMS (Transcend Network Management System) 19.10.3 allows a low-privileged remote attacker to conduct unauthorized file operations, because of execution with unnecessary privileges.

Published

2024-10-01T16:15:09.463

Last Modified

2025-07-03T14:34:53.777

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 9.0 (CRITICAL)

Weaknesses

Type: Secondary
CWE-266

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	nokia	transcend_network_management_system	19.10.3	Yes

References

https://www.cvcn.gov.it/cvcn/cve/CVE-2024-25660 Third Party Advisory ([email protected])
https://www.nokia.com/optical-networks/infinera/ Product (af854a3a-2127-422b-91ae-364da2661108)