Directory transversal vulnerability in Brocade Fabric OS before 9.2.1c2 and...

4.6 / 10

MEDIUM

CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Description

A
vulnerability in Brocade Fabric OS before 9.2.1c2 could allow an
authenticated attacker with admin privileges using the shell commands
“source, ping6, sleep, disown, wait to modify the path variables and
move upwards in the directory structure or to traverse to different
directories.

Basic Information

ID CVE-2025-58381

Source brocade

Published Feb 3, 2026 at 05:40

Modified Feb 3, 2026 at 05:41

Affected Product

Vendor Brocade

Product Fabric OS

Version before 9.2.1c2

Affected Versions Brocade Fabric OS before 9.2.1c2

CWE Classification

CWE-35

References

support.broadcom.com /web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36853

{
    "lastseen": "",
    "description": "A\n vulnerability in Brocade Fabric OS before 9.2.1c2 could allow an \nauthenticated attacker with admin privileges using the shell commands \n\u201csource, ping6, sleep, disown, wait to modify the path variables and \nmove upwards in the directory structure or to traverse to different \ndirectories.",
    "published": "2026-02-03T05:40:14.240Z",
    "modified": "2026-02-03T05:41:10.234Z",
    "type": "cve",
    "title": "Directory transversal vulnerability in Brocade Fabric OS before 9.2.1c2 and 9.2.2 through 9.2.2a using various shell commands",
    "source": "brocade",
    "references": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36853",
    "id": "CVE-2025-58381",
    "bulletinFamily": "",
    "cwe": [
        "CWE-35"
    ],
    "cvelist": null,
    "sourceData": "Brocade Fabric OS before 9.2.1c2",
    "sourceHref": "",
    "cvss": {
        "score": 4.6,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Fabric OS",
    "version": "before 9.2.1c2",
    "vendor": "Brocade",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Directory transversal vulnerability in Brocade Fabric OS before 9.2.1c2 and 9.2.2 through 9.2.2a using various shell commands_CVE-2025-58381