Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%

CVE-2026-5268— SFTP Server Authentication Weakness

AI Predicted 9.8 Difficulty: Easy EPSS 0.42% · P34

Affected Version Matrix 4

VendorProductVersion RangeStatus
CIENA6500 S-SeriesR16.96 and prioraffected
CIENA6500 T-SeriesR16.1 and prioraffected
CIENACPLR12.63 and prioraffected
CIENAPTSR16.1 and prioraffected
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-5268

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
SFTP Server Authentication Weakness
Source: NVD (National Vulnerability Database)
Vulnerability Description
An authentication bypass vulnerability exists in the default SFTP server component utilized across the Ciena products listed. This vulnerability allows a remote, unauthenticated attacker to bypass security controls and gain unauthorized access to the underlying filesystem. Successful exploitation could allow an attacker to read or modify system files.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
使用候选路径或通道进行的认证绕过
Source: NVD (National Vulnerability Database)
Vulnerability Title
Ciena 6500 S-Series 授权问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Ciena 6500 S-Series是Ciena公司的一款网络交换设备。 Ciena 6500 S-Series、6500 T-Series、PTS和CPL存在授权问题漏洞,该漏洞源于默认SFTP服务器组件存在认证绕过问题,可能导致远程未经过身份验证的攻击者绕过安全控制并获得对底层文件系统的未授权访问,从而读取或修改系统文件。以下版本受到影响:6500 S-Series R16.96及之前版本、6500 T-Series R16.1及之前版本、PTS R16.1及之前版本和CPL R12.63及之前版本
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
CIENA6500 S-Series R16.96 and prior -
CIENA6500 T-Series R16.1 and prior -
CIENAPTS R16.1 and prior -
CIENACPL R12.63 and prior -

II. Public POCs for CVE-2026-5268

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2026-5268

登录查看更多情报信息。

IV. Related Vulnerabilities

V. Comments for CVE-2026-5268

No comments yet


Leave a comment