CVE-2025-4661

2.3 LOW

📋 TL;DR

A path traversal vulnerability in Brocade Fabric OS allows local admin users to access files outside intended directories, potentially exposing sensitive information. This affects organizations using Brocade switches running Fabric OS versions 9.1.0 through 9.2.2. Exploitation requires administrative privileges on the switch.

💻 Affected Systems

Products:
  • Brocade Fabric OS
Versions: 9.1.0 through 9.2.2
Operating Systems: Fabric OS
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects switches running specified Fabric OS versions; requires local admin access to exploit.

📦 What is this software?

Fabric OS (FOS) is the operating system that runs on Brocade Fibre Channel SAN switches and directors (Brocade is now part of Broadcom). Administrators manage it through a restricted command-line interface reached over SSH or the serial console, which is the interface this vulnerability concerns.

⚠️ Risk & Real-World Impact

🔴

Worst Case

An administrator could read sensitive configuration files, credential material, or underlying system files that the restricted CLI is meant to keep out of reach even for admin accounts, exposing switch secrets and SAN infrastructure details that could be reused against other systems.

🟠

Likely Case

A privileged user could read configuration files or logs outside the directories the CLI exposes, potentially revealing SAN topology, zoning details, or limited credential material.

🟢

If Mitigated

Limited impact, since exploitation already requires admin credentials; tight control of admin accounts plus centralized audit logging of admin CLI sessions would surface unusual file access.

🌐 Internet-Facing: LOW - The flaw needs an authenticated admin session on the switch management interface, which should never be reachable from the internet.
🏢 Internal Only: MEDIUM - An internal administrator, or an attacker holding stolen admin credentials, could exploit it, but such an actor already has privileged access to the switch.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires admin credentials; once a session is obtained, path traversal flaws are typically straightforward to exploit, so the credential requirement is the main barrier.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fabric OS 9.2.2a or later

Vendor Advisory: https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35814

Restart Required: Yes

Instructions:

1. Download Fabric OS 9.2.2a or later from the Broadcom support portal.
2. Back up the switch configuration (for example with the configupload command).
3. Upload and install the new firmware using the firmwareDownload command.
4. Reboot the switch, then confirm the running release with the version command.

🔧 Temporary Workarounds

Restrict Admin Access

Applies to: all affected versions

Limit administrative access to trusted personnel only, use named per-administrator accounts rather than a shared admin login, and restrict reachability of the management interface to dedicated jump hosts.

Enhanced Monitoring

Applies to: all affected versions

Forward switch audit logs to a central syslog server or SIEM and alert on admin CLI commands whose arguments contain traversal sequences such as ../ or their URL-encoded forms.

🧯 If You Can't Patch

  • Enforce strict role-based access control and keep the number of admin-role accounts to a minimum
  • Monitor admin CLI sessions and file access for anomalous behaviour, in particular commands that reference paths outside the expected directories

🔍 How to Verify

Check if Vulnerable:

Run the 'version' command on the switch CLI; if the Fabric OS line reports a release from 9.1.0 through 9.2.2 inclusive (lettered patch releases in that range, such as 9.1.1c, included), the switch is vulnerable. Note that a lettered release such as 9.2.2a sorts after its base release 9.2.2 and is fixed.

Check Version:

version

Verify Fix Applied:

After patching, run 'version' again and confirm the Fabric OS line shows 9.2.2a or later.
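As an added example (not vendor tooling and not code from the original page), the Python helper below classifies a switch's 'version' output against the affected range stated above. The layout of the Fabric OS line ('Fabric OS:  v9.1.1c') and the sample output are assumptions I constructed for illustration; check them against a real switch before relying on the parser.

```python
"""Classify a Brocade Fabric OS release against the CVE-2025-4661 range.

Added example, not vendor tooling.  The layout of the `version` output
(a line of the form 'Fabric OS:  v9.1.1c') is an assumption about FOS
output; verify it against a real switch.  The sample output at the
bottom is constructed for illustration.
"""
import re
from typing import Optional, Tuple

# A release is a (major, minor, patch, letter) tuple.  Python compares
# tuples element-wise, so 9.2.2a -> (9, 2, 2, "a") sorts after
# 9.2.2 -> (9, 2, 2, ""), matching how FOS lettered patch releases
# follow their base release.
Release = Tuple[int, int, int, str]

VULN_MIN: Release = (9, 1, 0, "")   # first affected release per this summary
VULN_MAX: Release = (9, 2, 2, "")   # last affected release per this summary
FIXED: Release = (9, 2, 2, "a")     # first release carrying the fix

# Assumed line layout; the optional 'v' prefix and trailing letter are
# tolerated so the pattern also matches 'Fabric OS: 9.2.2' and '9.2.2a'.
FOS_LINE = re.compile(r"^\s*Fabric OS:\s*v?(\d+)\.(\d+)\.(\d+)([a-z]*)",
                      re.MULTILINE)


def parse_fos_version(version_output: str) -> Optional[Release]:
    """Extract the Fabric OS release from `version` output; None if absent."""
    m = FOS_LINE.search(version_output)
    if not m:
        return None
    major, minor, patch, letter = m.groups()
    return (int(major), int(minor), int(patch), letter)


def is_vulnerable(rel: Release) -> bool:
    """True for 9.1.0 through 9.2.2 inclusive (9.2.2a and later excluded)."""
    return VULN_MIN <= rel <= VULN_MAX


def assess(version_output: str) -> str:
    """Return 'vulnerable', 'fixed', 'outside-range' or 'unknown'."""
    rel = parse_fos_version(version_output)
    if rel is None:
        return "unknown"
    if is_vulnerable(rel):
        return "vulnerable"
    if rel >= FIXED:
        return "fixed"
    # Older than 9.1.0: not in the range this summary lists as affected,
    # which is not the same thing as being supported or safe.
    return "outside-range"


# Constructed sample of `version` output (not captured from a real switch).
SAMPLE_VERSION_OUTPUT = """\
Kernel:     4.19.0
Fabric OS:  v9.1.1c
Made on:    Thu Aug 15 12:00:00 2024
Flash:      Mon Sep  2 09:30:00 2024
BootProm:   1.0.12
"""

if __name__ == "__main__":
    print(parse_fos_version(SAMPLE_VERSION_OUTPUT), assess(SAMPLE_VERSION_OUTPUT))
```

To use it against a fleet, capture the output of 'version' from each switch over SSH from a jump host and feed the text to assess(); the tuple comparison is what makes 9.2.2a come out as fixed while 9.2.2 and lettered releases below it stay flagged.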

📡 Detection & Monitoring

Log Indicators:

  • Admin CLI sessions reading files outside the directories an administrator normally touches
  • Traversal sequences (../ and URL-encoded variants such as %2e%2e%2f) in command arguments recorded in switch audit logs

Network Indicators:

  • N/A - local vulnerability

SIEM Query:

Search audit events from Brocade switches for admin-role commands whose path arguments contain ../ (or an encoded form such as %2e%2e%2f or %252e%252e%252f), and for file reads that resolve outside the directories administrators normally access.
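As an added example (not Brocade tooling and not code from the original page), the detection logic below normalises a path field from each log line and flags traversal sequences, including URL-encoded and double-encoded forms, submitted by privileged users. The log lines are constructed and their key=value layout is an assumption; real Fabric OS audit messages forwarded over syslog need their own field extraction, but the normalisation and matching carry over unchanged.

```python
"""Flag admin log lines whose path argument carries a traversal sequence.

Added example, not vendor tooling.  The log line format below (key=value
pairs with user= and path=) is constructed for illustration; Brocade audit
logs forwarded over syslog need their own field extraction, but the
normalisation and matching logic is format-agnostic.
"""
import re
from typing import Dict, List, Tuple
from urllib.parse import unquote

# After normalisation every separator is '/', so one pattern covers
# '../', '..\\', a trailing '..', and a bare '..' path component, while
# leaving names that merely start with '..' (e.g. '..cache') alone.
TRAVERSAL = re.compile(r"(?:^|/)\.\.(?:/|$)")

# key=value or key="quoted value" pairs.
FIELD = re.compile(r'(\w+)=("([^"]*)"|\S+)')


def normalise(value: str) -> str:
    """Undo URL encoding (up to three rounds, for double encoding) and unify slashes."""
    prev, cur = None, value
    for _ in range(3):           # %252e%252e%252f needs two rounds
        if cur == prev:
            break
        prev, cur = cur, unquote(cur)
    return cur.replace("\\", "/")


def has_traversal(value: str) -> bool:
    """True if the (decoded) value contains a '..' path component."""
    return TRAVERSAL.search(normalise(value)) is not None


def parse_fields(line: str) -> Dict[str, str]:
    """Parse key=value and key="quoted value" pairs from one log line."""
    out: Dict[str, str] = {}
    for m in FIELD.finditer(line):
        key, raw, quoted = m.group(1), m.group(2), m.group(3)
        out[key] = quoted if quoted is not None else raw
    return out


def traversal_events(lines: List[str],
                     privileged: Tuple[str, ...] = ("admin",)) -> List[Tuple[str, str]]:
    """Return (user, path) for each line where a privileged user supplied a traversal path."""
    hits: List[Tuple[str, str]] = []
    for line in lines:
        f = parse_fields(line)
        path = f.get("path", "")
        if f.get("user") in privileged and has_traversal(path):
            hits.append((f["user"], path))
    return hits


# Constructed sample lines (not real Fabric OS audit output).
SAMPLE_LOG_LINES = [
    '2025-06-03T08:14:02Z sw01 AUDIT user=admin role=admin path="/var/log/messages"',
    '2025-06-03T08:14:09Z sw01 AUDIT user=admin role=admin path="../../../etc/passwd"',
    '2025-06-03T08:14:15Z sw01 AUDIT user=admin role=admin path="..%2f..%2fetc%2fshadow"',
    '2025-06-03T08:14:21Z sw01 AUDIT user=admin role=admin path="%252e%252e%252fetc%252fhosts"',
    '2025-06-03T08:14:30Z sw01 AUDIT user=operator role=user path="../../etc/passwd"',
    '2025-06-03T08:14:41Z sw01 AUDIT user=admin role=admin path="/var/tmp/..cache/notes"',
]

if __name__ == "__main__":
    for user, path in traversal_events(SAMPLE_LOG_LINES):
        print(f"ALERT user={user} path={path}")
```

The operator line is deliberately left out of the default result because this CVE needs an admin session; widen the privileged tuple if you would rather alert on every account, and keep the decode loop in place, since a single unquote() misses the double-encoded variant on the fourth sample line.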

🔗 References

  • Broadcom security advisory: https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35814