← back
CVE-2025-58380

Directory transversal vulnerability in Brocade Fabric OS before 9.2.1 using grep command

CVSS 4.6 MEDIUMEPSS 0.2%CWE-35
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 4.6EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
03 Feb 2026Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A vulnerability in Brocade Fabric OS before 9.2.1 could allow an authenticated attacker with admin privileges using the shell command “grep” to modify the path variables and move upwards in the directory structure or to traverse to different directories.
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
Affected products
Brocade · Fabric OS

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36854