CVE-2025-58381

CWE-353 documents3 sources
Severity
4.6MEDIUM
EPSS
0.0%
top 99.77%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Broadcom Fabric Operating SystemBrocade Fabric OS
Timeline
PublishedFeb 3

Description

A vulnerability in Brocade Fabric OS before 9.2.1c2 could allow an authenticated attacker with admin privileges using the shell commands “source, ping6, sleep, disown, wait to modify the path variables and move upwards in the directory structure or to traverse to different directories.

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Affected Packages2 packages

CVEListV5brocade/fabric_osbefore 9.2.1c2
NVDbroadcom/fabric_operating_system9.2.29.2.2b+1

🔴Vulnerability Details

2
GHSA
GHSA-64h4-vpph-xc2h: A vulnerability in Brocade Fabric OS before 92026-02-03
CVEList
Directory transversal vulnerability in Brocade Fabric OS before 9.2.1c2 and 9.2.2 through 9.2.2a using various shell commands2026-02-03
CVE-2025-58381 (MEDIUM CVSS 4.6) | A vulnerability in Brocade Fabric O | cvebase.io