CVE-2026-25623

🗓️ 05 Jun 2026 19:31:49Reported by AristaType

Authenticated admins can execute arbitrary commands via input validation flaw in Arista Edge Threat Management Next Generation Firewall UI.

Reporter	Title	Published	Views	Family All 9
ATTACKERKB	CVE-2026-25623	5 Jun 202619:31	–	attackerkb
Arista	Security Advisory 0133	3 Feb 202600:00	–	arista
Circl	CVE-2026-25623	5 Jun 202620:48	–	circl
CNNVD	Arista Edge Threat Management - Arista Next Generation Firewall 安全漏洞	5 Jun 202600:00	–	cnnvd
Cvelist	CVE-2026-25623 Arista Edge Threat Management NGFW UI Arbitrary Command Execution	5 Jun 202619:31	–	cvelist
EUVD	EUVD-2026-34909	5 Jun 202619:31	–	euvd
NVD	CVE-2026-25623	5 Jun 202620:17	–	nvd
Positive Technologies	PT-2026-47048	5 Jun 202600:00	–	ptsecurity
Vulnrichment	CVE-2026-25623 Arista Edge Threat Management NGFW UI Arbitrary Command Execution	5 Jun 202619:31	–	vulnrichment

NVD

Node

arista ng_firewallRange<17.4.1

[
  {
    "vendor": "Arista Networks",
    "product": "Arista Edge Threat Management - Arista Next Generation Firewall (NGFW)",
    "platforms": [
      "Arista Edge Threat Management - Arista Next Generation Firewall (Formerly Untangle)"
    ],
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThanOrEqual": "17.4.0",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Source	Link
arista	www.arista.com/en/support/advisories-notices/security-advisory/23399-security-advisory-0133

17 Jun 2026 10:24Current

5.8Medium risk

Vulners AI Score5.8

CVSS 3.16

CVSS 47

EPSS0.06174

SSVC

CWE-78