Search

Find a vulnerability

Search criteria

    12 vulnerabilities found for MantaRay NM by Nokia

    CVE-2025-7406 (GCVE-0-2025-7406)

    Vulnerability from nvd – Published: 2026-06-30 08:59 – Updated: 2026-06-30 13:31
    VLAI
    Title
    A Sudo Privilege Escalation Vulnerability in Nokia MantaRay NM
    Summary
    Nokia MantaRay NM is vulnerable to a sudo privilege escalation vulnerability where a local attacker possessing administrative (local admin) privileges can escalate to full root privileges on the host. Successful exploitation results in root-level access to the filesystem and the ability to execute actions as root. The risk can be temporarily mitigated by restricting the set of commands permitted via sudo for the affected accounts.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-269 - Improper Privilege Management
    Assigner
    Impacted products
    Vendor Product Version
    Nokia MantaRay NM Affected: <NM 25R1-NM
    Unaffected: ≥NM 25R1-NM
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-7406",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T13:31:19.958711Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-269",
                    "description": "CWE-269 Improper Privilege Management",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T13:31:51.576Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "MantaRay NM",
              "vendor": "Nokia",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003cNM 25R1-NM"
                },
                {
                  "status": "unaffected",
                  "version": "\u2265NM 25R1-NM"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Nokia MantaRay NM is vulnerable to a sudo privilege escalation vulnerability where a local attacker possessing administrative (local admin) privileges can escalate to full root privileges on the host. Successful exploitation results in root-level access to the filesystem and the ability to execute actions as root. The risk can be temporarily mitigated by restricting the set of commands permitted via sudo for the affected accounts."
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T08:59:58.941Z",
            "orgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
            "shortName": "Nokia"
          },
          "references": [
            {
              "name": "Nokia Product Security Advisory",
              "url": "https://www.nokia.com/we-are-nokia/security/product-security-advisory/cve-2025-7406/"
            }
          ],
          "title": "A Sudo Privilege Escalation Vulnerability in Nokia MantaRay NM",
          "x_generator": {
            "engine": "cveClient/1.0.15"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
        "assignerShortName": "Nokia",
        "cveId": "CVE-2025-7406",
        "datePublished": "2026-06-30T08:59:58.941Z",
        "dateReserved": "2025-07-10T06:10:12.822Z",
        "dateUpdated": "2026-06-30T13:31:51.576Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-24816 (GCVE-0-2025-24816)

    Vulnerability from nvd – Published: 2026-06-30 08:58 – Updated: 2026-06-30 13:30
    VLAI
    Title
    An Improper Access Control vulnerability in Nokia MantaRay NM
    Summary
    Nokia MantaRay is subject to an Improper Access Control vulnerability due to insufficient authorization within the API. Successful exploitation could allow an authenticated attacker to retrieve confidential information beyond their assigned privileges.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-284 - Improper Access Control
    Assigner
    Impacted products
    Vendor Product Version
    Nokia MantaRay NM Affected: <25R2-NM
    Unaffected: ≥25R2-NM
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 6.5,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-24816",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T13:30:08.532062Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-284",
                    "description": "CWE-284 Improper Access Control",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T13:30:45.148Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "MantaRay NM",
              "vendor": "Nokia",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c25R2-NM"
                },
                {
                  "status": "unaffected",
                  "version": "\u226525R2-NM"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Nokia MantaRay is subject to an Improper Access Control vulnerability due to insufficient authorization within the API. Successful exploitation could allow an authenticated attacker to retrieve confidential information beyond their assigned privileges."
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T11:40:27.463Z",
            "orgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
            "shortName": "Nokia"
          },
          "references": [
            {
              "name": "Nokia Product Security Advisory",
              "url": "https://www.nokia.com/we-are-nokia/security/product-security-advisory/cve-2025-24816/"
            }
          ],
          "title": "An Improper Access Control vulnerability in Nokia MantaRay NM",
          "x_generator": {
            "engine": "cveClient/1.0.15"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
        "assignerShortName": "Nokia",
        "cveId": "CVE-2025-24816",
        "datePublished": "2026-06-30T08:58:29.484Z",
        "dateReserved": "2025-01-24T13:25:43.869Z",
        "dateUpdated": "2026-06-30T13:30:45.148Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-24815 (GCVE-0-2025-24815)

    Vulnerability from nvd – Published: 2026-06-30 08:55 – Updated: 2026-06-30 13:29
    VLAI
    Title
    An unrestricted file upload vulnerability in Nokia MantaRay NM
    Summary
    Nokia MantaRay NM is subject to an unrestricted file upload vulnerability due to insufficient file type validation. Successful exploitation could allow an authenticated attacker to upload malicious files onto the system.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-434 - Unrestricted Upload of File with Dangerous Type
    Assigner
    Impacted products
    Vendor Product Version
    Nokia MantaRay NM Affected: <25R2-NM
    Unaffected: ≥25R2-NM
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-24815",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T13:28:43.371983Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-434",
                    "description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T13:29:34.489Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "MantaRay NM",
              "vendor": "Nokia",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c25R2-NM"
                },
                {
                  "status": "unaffected",
                  "version": "\u226525R2-NM"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Nokia MantaRay NM is subject to an unrestricted file upload vulnerability due to insufficient file type validation. Successful exploitation could allow an authenticated attacker to upload malicious files onto the system."
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T11:40:20.157Z",
            "orgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
            "shortName": "Nokia"
          },
          "references": [
            {
              "name": "Nokia Product Security Advisory",
              "url": "https://www.nokia.com/we-are-nokia/security/product-security-advisory/cve-2025-24815/"
            }
          ],
          "title": "An unrestricted file upload vulnerability in Nokia MantaRay NM",
          "x_generator": {
            "engine": "cveClient/1.0.15"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
        "assignerShortName": "Nokia",
        "cveId": "CVE-2025-24815",
        "datePublished": "2026-06-30T08:55:42.078Z",
        "dateReserved": "2025-01-24T13:25:43.869Z",
        "dateUpdated": "2026-06-30T13:29:34.489Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-24819 (GCVE-0-2025-24819)

    Vulnerability from nvd – Published: 2026-04-07 15:14 – Updated: 2026-04-07 17:56
    VLAI
    Title
    A Relative Path Traversal vulnerability in Nokia MantaRay NM
    Summary
    Nokia MantaRay NM is vulnerable to a Relative Path Traversal vulnerability due to improper validation of input parameter on the file system in Software Manager application.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-23 - Relative Path Traversal
    Assigner
    Impacted products
    Vendor Product Version
    Nokia MantaRay NM Affected: earlier than 25R1-NM (exclusive)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "ADJACENT_NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 5.7,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-24819",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-07T17:46:21.365319Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-23",
                    "description": "CWE-23 Relative Path Traversal",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-07T17:56:15.517Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "MantaRay NM",
              "vendor": "Nokia",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 25R1-NM (exclusive)"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Nokia MantaRay NM is vulnerable to a Relative Path Traversal vulnerability due to improper validation of input parameter on the file system in Software Manager application."
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-07T15:14:42.719Z",
            "orgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
            "shortName": "Nokia"
          },
          "references": [
            {
              "url": "https://www.nokia.com/we-are-nokia/security/product-security-advisory/cve-2025-24819/"
            }
          ],
          "title": "A Relative Path Traversal vulnerability in Nokia MantaRay NM",
          "x_generator": {
            "engine": "cveClient/1.0.15"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
        "assignerShortName": "Nokia",
        "cveId": "CVE-2025-24819",
        "datePublished": "2026-04-07T15:14:42.719Z",
        "dateReserved": "2025-01-24T13:25:43.870Z",
        "dateUpdated": "2026-04-07T17:56:15.517Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-24818 (GCVE-0-2025-24818)

    Vulnerability from nvd – Published: 2026-04-07 15:13 – Updated: 2026-04-07 20:11
    VLAI
    Title
    An OS Command Injection vulnerability in Nokia MantaRay NM
    Summary
    Nokia MantaRay NM is vulnerable to an OS command injection vulnerability due to improper neutralization of special elements used in an OS command in Log Search application.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Nokia MantaRay NM Affected: Earlier than 25R1-NM (exclusive)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "ADJACENT_NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-24818",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-07T20:11:08.674316Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-77",
                    "description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-07T20:11:29.811Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "MantaRay NM",
              "vendor": "Nokia",
              "versions": [
                {
                  "status": "affected",
                  "version": "Earlier than 25R1-NM (exclusive)"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Nokia MantaRay NM is vulnerable to an OS command injection vulnerability due to improper neutralization of special elements used in an OS command in Log Search application."
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-07T15:13:22.492Z",
            "orgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
            "shortName": "Nokia"
          },
          "references": [
            {
              "url": "https://www.nokia.com/we-are-nokia/security/product-security-advisory/cve-2025-24818/"
            }
          ],
          "title": "An OS Command Injection vulnerability in Nokia MantaRay NM",
          "x_generator": {
            "engine": "cveClient/1.0.15"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
        "assignerShortName": "Nokia",
        "cveId": "CVE-2025-24818",
        "datePublished": "2026-04-07T15:13:22.492Z",
        "dateReserved": "2025-01-24T13:25:43.870Z",
        "dateUpdated": "2026-04-07T20:11:29.811Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-24817 (GCVE-0-2025-24817)

    Vulnerability from nvd – Published: 2026-04-07 15:09 – Updated: 2026-04-08 16:15
    VLAI
    Title
    An OS Command Injection vulnerability in Nokia MantaRay NM
    Summary
    Nokia MantaRay NM is vulnerable to an OS command injection vulnerability due to improper neutralization of special elements used in an OS command in Symptom Collector application.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Nokia MantaRay NM Affected: Earlier than 25R1-NM (exclusive)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "ADJACENT_NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-24817",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-08T15:47:32.334342Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-78",
                    "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-08T16:15:12.963Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "MantaRay NM",
              "vendor": "Nokia",
              "versions": [
                {
                  "status": "affected",
                  "version": "Earlier than 25R1-NM (exclusive)"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Nokia MantaRay NM is vulnerable to an OS command injection vulnerability due to improper neutralization of special elements used in an OS command in Symptom Collector application."
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-07T15:09:47.125Z",
            "orgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
            "shortName": "Nokia"
          },
          "references": [
            {
              "url": "https://www.nokia.com/we-are-nokia/security/product-security-advisory/cve-2025-24817/"
            }
          ],
          "title": "An OS Command Injection vulnerability in Nokia MantaRay NM",
          "x_generator": {
            "engine": "cveClient/1.0.15"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
        "assignerShortName": "Nokia",
        "cveId": "CVE-2025-24817",
        "datePublished": "2026-04-07T15:09:47.125Z",
        "dateReserved": "2025-01-24T13:25:43.869Z",
        "dateUpdated": "2026-04-08T16:15:12.963Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-7406 (GCVE-0-2025-7406)

    Vulnerability from cvelistv5 – Published: 2026-06-30 08:59 – Updated: 2026-06-30 13:31
    VLAI
    Title
    A Sudo Privilege Escalation Vulnerability in Nokia MantaRay NM
    Summary
    Nokia MantaRay NM is vulnerable to a sudo privilege escalation vulnerability where a local attacker possessing administrative (local admin) privileges can escalate to full root privileges on the host. Successful exploitation results in root-level access to the filesystem and the ability to execute actions as root. The risk can be temporarily mitigated by restricting the set of commands permitted via sudo for the affected accounts.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-269 - Improper Privilege Management
    Assigner
    Impacted products
    Vendor Product Version
    Nokia MantaRay NM Affected: <NM 25R1-NM
    Unaffected: ≥NM 25R1-NM
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-7406",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T13:31:19.958711Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-269",
                    "description": "CWE-269 Improper Privilege Management",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T13:31:51.576Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "MantaRay NM",
              "vendor": "Nokia",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003cNM 25R1-NM"
                },
                {
                  "status": "unaffected",
                  "version": "\u2265NM 25R1-NM"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Nokia MantaRay NM is vulnerable to a sudo privilege escalation vulnerability where a local attacker possessing administrative (local admin) privileges can escalate to full root privileges on the host. Successful exploitation results in root-level access to the filesystem and the ability to execute actions as root. The risk can be temporarily mitigated by restricting the set of commands permitted via sudo for the affected accounts."
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T08:59:58.941Z",
            "orgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
            "shortName": "Nokia"
          },
          "references": [
            {
              "name": "Nokia Product Security Advisory",
              "url": "https://www.nokia.com/we-are-nokia/security/product-security-advisory/cve-2025-7406/"
            }
          ],
          "title": "A Sudo Privilege Escalation Vulnerability in Nokia MantaRay NM",
          "x_generator": {
            "engine": "cveClient/1.0.15"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
        "assignerShortName": "Nokia",
        "cveId": "CVE-2025-7406",
        "datePublished": "2026-06-30T08:59:58.941Z",
        "dateReserved": "2025-07-10T06:10:12.822Z",
        "dateUpdated": "2026-06-30T13:31:51.576Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-24816 (GCVE-0-2025-24816)

    Vulnerability from cvelistv5 – Published: 2026-06-30 08:58 – Updated: 2026-06-30 13:30
    VLAI
    Title
    An Improper Access Control vulnerability in Nokia MantaRay NM
    Summary
    Nokia MantaRay is subject to an Improper Access Control vulnerability due to insufficient authorization within the API. Successful exploitation could allow an authenticated attacker to retrieve confidential information beyond their assigned privileges.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-284 - Improper Access Control
    Assigner
    Impacted products
    Vendor Product Version
    Nokia MantaRay NM Affected: <25R2-NM
    Unaffected: ≥25R2-NM
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 6.5,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-24816",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T13:30:08.532062Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-284",
                    "description": "CWE-284 Improper Access Control",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T13:30:45.148Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "MantaRay NM",
              "vendor": "Nokia",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c25R2-NM"
                },
                {
                  "status": "unaffected",
                  "version": "\u226525R2-NM"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Nokia MantaRay is subject to an Improper Access Control vulnerability due to insufficient authorization within the API. Successful exploitation could allow an authenticated attacker to retrieve confidential information beyond their assigned privileges."
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T11:40:27.463Z",
            "orgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
            "shortName": "Nokia"
          },
          "references": [
            {
              "name": "Nokia Product Security Advisory",
              "url": "https://www.nokia.com/we-are-nokia/security/product-security-advisory/cve-2025-24816/"
            }
          ],
          "title": "An Improper Access Control vulnerability in Nokia MantaRay NM",
          "x_generator": {
            "engine": "cveClient/1.0.15"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
        "assignerShortName": "Nokia",
        "cveId": "CVE-2025-24816",
        "datePublished": "2026-06-30T08:58:29.484Z",
        "dateReserved": "2025-01-24T13:25:43.869Z",
        "dateUpdated": "2026-06-30T13:30:45.148Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-24815 (GCVE-0-2025-24815)

    Vulnerability from cvelistv5 – Published: 2026-06-30 08:55 – Updated: 2026-06-30 13:29
    VLAI
    Title
    An unrestricted file upload vulnerability in Nokia MantaRay NM
    Summary
    Nokia MantaRay NM is subject to an unrestricted file upload vulnerability due to insufficient file type validation. Successful exploitation could allow an authenticated attacker to upload malicious files onto the system.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-434 - Unrestricted Upload of File with Dangerous Type
    Assigner
    Impacted products
    Vendor Product Version
    Nokia MantaRay NM Affected: <25R2-NM
    Unaffected: ≥25R2-NM
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 7.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-24815",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-30T13:28:43.371983Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-434",
                    "description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-30T13:29:34.489Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "MantaRay NM",
              "vendor": "Nokia",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c25R2-NM"
                },
                {
                  "status": "unaffected",
                  "version": "\u226525R2-NM"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Nokia MantaRay NM is subject to an unrestricted file upload vulnerability due to insufficient file type validation. Successful exploitation could allow an authenticated attacker to upload malicious files onto the system."
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-30T11:40:20.157Z",
            "orgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
            "shortName": "Nokia"
          },
          "references": [
            {
              "name": "Nokia Product Security Advisory",
              "url": "https://www.nokia.com/we-are-nokia/security/product-security-advisory/cve-2025-24815/"
            }
          ],
          "title": "An unrestricted file upload vulnerability in Nokia MantaRay NM",
          "x_generator": {
            "engine": "cveClient/1.0.15"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
        "assignerShortName": "Nokia",
        "cveId": "CVE-2025-24815",
        "datePublished": "2026-06-30T08:55:42.078Z",
        "dateReserved": "2025-01-24T13:25:43.869Z",
        "dateUpdated": "2026-06-30T13:29:34.489Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-24819 (GCVE-0-2025-24819)

    Vulnerability from cvelistv5 – Published: 2026-04-07 15:14 – Updated: 2026-04-07 17:56
    VLAI
    Title
    A Relative Path Traversal vulnerability in Nokia MantaRay NM
    Summary
    Nokia MantaRay NM is vulnerable to a Relative Path Traversal vulnerability due to improper validation of input parameter on the file system in Software Manager application.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-23 - Relative Path Traversal
    Assigner
    Impacted products
    Vendor Product Version
    Nokia MantaRay NM Affected: earlier than 25R1-NM (exclusive)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "ADJACENT_NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 5.7,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-24819",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-07T17:46:21.365319Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-23",
                    "description": "CWE-23 Relative Path Traversal",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-07T17:56:15.517Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "MantaRay NM",
              "vendor": "Nokia",
              "versions": [
                {
                  "status": "affected",
                  "version": "earlier than 25R1-NM (exclusive)"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Nokia MantaRay NM is vulnerable to a Relative Path Traversal vulnerability due to improper validation of input parameter on the file system in Software Manager application."
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-07T15:14:42.719Z",
            "orgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
            "shortName": "Nokia"
          },
          "references": [
            {
              "url": "https://www.nokia.com/we-are-nokia/security/product-security-advisory/cve-2025-24819/"
            }
          ],
          "title": "A Relative Path Traversal vulnerability in Nokia MantaRay NM",
          "x_generator": {
            "engine": "cveClient/1.0.15"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
        "assignerShortName": "Nokia",
        "cveId": "CVE-2025-24819",
        "datePublished": "2026-04-07T15:14:42.719Z",
        "dateReserved": "2025-01-24T13:25:43.870Z",
        "dateUpdated": "2026-04-07T17:56:15.517Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-24818 (GCVE-0-2025-24818)

    Vulnerability from cvelistv5 – Published: 2026-04-07 15:13 – Updated: 2026-04-07 20:11
    VLAI
    Title
    An OS Command Injection vulnerability in Nokia MantaRay NM
    Summary
    Nokia MantaRay NM is vulnerable to an OS command injection vulnerability due to improper neutralization of special elements used in an OS command in Log Search application.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Nokia MantaRay NM Affected: Earlier than 25R1-NM (exclusive)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "ADJACENT_NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-24818",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-07T20:11:08.674316Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-77",
                    "description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-07T20:11:29.811Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "MantaRay NM",
              "vendor": "Nokia",
              "versions": [
                {
                  "status": "affected",
                  "version": "Earlier than 25R1-NM (exclusive)"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Nokia MantaRay NM is vulnerable to an OS command injection vulnerability due to improper neutralization of special elements used in an OS command in Log Search application."
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-07T15:13:22.492Z",
            "orgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
            "shortName": "Nokia"
          },
          "references": [
            {
              "url": "https://www.nokia.com/we-are-nokia/security/product-security-advisory/cve-2025-24818/"
            }
          ],
          "title": "An OS Command Injection vulnerability in Nokia MantaRay NM",
          "x_generator": {
            "engine": "cveClient/1.0.15"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
        "assignerShortName": "Nokia",
        "cveId": "CVE-2025-24818",
        "datePublished": "2026-04-07T15:13:22.492Z",
        "dateReserved": "2025-01-24T13:25:43.870Z",
        "dateUpdated": "2026-04-07T20:11:29.811Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-24817 (GCVE-0-2025-24817)

    Vulnerability from cvelistv5 – Published: 2026-04-07 15:09 – Updated: 2026-04-08 16:15
    VLAI
    Title
    An OS Command Injection vulnerability in Nokia MantaRay NM
    Summary
    Nokia MantaRay NM is vulnerable to an OS command injection vulnerability due to improper neutralization of special elements used in an OS command in Symptom Collector application.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Nokia MantaRay NM Affected: Earlier than 25R1-NM (exclusive)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "ADJACENT_NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-24817",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-08T15:47:32.334342Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-78",
                    "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-08T16:15:12.963Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "affected",
              "product": "MantaRay NM",
              "vendor": "Nokia",
              "versions": [
                {
                  "status": "affected",
                  "version": "Earlier than 25R1-NM (exclusive)"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Nokia MantaRay NM is vulnerable to an OS command injection vulnerability due to improper neutralization of special elements used in an OS command in Symptom Collector application."
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-07T15:09:47.125Z",
            "orgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
            "shortName": "Nokia"
          },
          "references": [
            {
              "url": "https://www.nokia.com/we-are-nokia/security/product-security-advisory/cve-2025-24817/"
            }
          ],
          "title": "An OS Command Injection vulnerability in Nokia MantaRay NM",
          "x_generator": {
            "engine": "cveClient/1.0.15"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b48c3b8f-639e-4c16-8725-497bc411dad0",
        "assignerShortName": "Nokia",
        "cveId": "CVE-2025-24817",
        "datePublished": "2026-04-07T15:09:47.125Z",
        "dateReserved": "2025-01-24T13:25:43.869Z",
        "dateUpdated": "2026-04-08T16:15:12.963Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }