Lucene search
+L

28 matches found

NVD
NVD
added 2026/06/05 8:17 p.m.14 views

CVE-2026-25620

An encrypted password command injection vulnerability exists in the Captive Portal application framework of Arista Edge Threat Management - Arista Next Generation Firewall NGFW. This issue uniquely affects version 17.4.0; earlier software releases are not exposed...

7CVSS0.0988EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/05 7:34 p.m.12 views

CVE-2026-25624 Arista Edge Threat Management NGFW UI Administrative Cross-Site Scripting

An administrative cross-site scripting XSS vulnerability exists in the web user interface dashboard layout of Arista Edge Threat Management - Arista Next Generation Firewall NGFW. Unvalidated user-supplied variables are echoed back to administrative profiles, facilitating vector payload processin...

5.8CVSS5.2AI score0.00154EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/05 7:34 p.m.31 views

CVE-2026-25624 Arista Edge Threat Management NGFW UI Administrative Cross-Site Scripting

An administrative cross-site scripting XSS vulnerability exists in the web user interface dashboard layout of Arista Edge Threat Management - Arista Next Generation Firewall NGFW. Unvalidated user-supplied variables are echoed back to administrative profiles, facilitating vector payload processin...

5.8CVSS0.00154EPSS
Exploits0References1
CVE
CVE
added 2026/06/05 7:34 p.m.29 views

CVE-2026-25624

CVE-2026-25624 is an administrative cross-site scripting vulnerability in the web UI dashboard layout of Arista Edge Threat Management NGFW. The issue involves unvalidated user-supplied variables echoed back to administrative profiles, enabling XSS when an attacker has administrative UI access. A...

5.8CVSS5.2AI score0.00154EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/05 7:31 p.m.8 views

CVE-2026-25623 Arista Edge Threat Management NGFW UI Arbitrary Command Execution

An input validation command execution vulnerability exists in the browser management pipeline of Arista Edge Threat Management - Arista Next Generation Firewall NGFW. Authenticated administrators can leverage this exposure to obtain underlying terminal script code processing execution permissions...

7CVSS5.8AI score0.05951EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/05 7:29 p.m.8 views

CVE-2026-25622 Arista Edge Threat Management NGFW Captive Portal Custom Handler Command Injection

A Captive Portal Custom Handler command injection vulnerability exists in Arista Edge Threat Management - Arista Next Generation Firewall NGFW. On affected platforms, an administrative account logged into the user interface can exploit this input handling behavior to execute arbitrary platform...

7CVSS5.8AI score0.0988EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/05 7:29 p.m.29 views

CVE-2026-25622 Arista Edge Threat Management NGFW Captive Portal Custom Handler Command Injection

A Captive Portal Custom Handler command injection vulnerability exists in Arista Edge Threat Management - Arista Next Generation Firewall NGFW. On affected platforms, an administrative account logged into the user interface can exploit this input handling behavior to execute arbitrary platform...

7CVSS0.0988EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/05 7:29 p.m.13 views

EUVD-2026-34907

A Captive Portal Custom Handler command injection vulnerability exists in Arista Edge Threat Management - Arista Next Generation Firewall NGFW. On affected platforms, an administrative account logged into the user interface can exploit this input handling behavior to execute arbitrary platform...

7CVSS5.8AI score0.0988EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/05 7:28 p.m.10 views

CVE-2026-25621 Arista Edge Threat Management NGFW Reports Application Insecure Input Validation

A Reports application infrastructure vulnerability exists in Arista Edge Threat Management - Arista Next Generation Firewall NGFW due to insecure input validation. This issue uniquely affects version 17.4.0; earlier software releases are not exposed...

7CVSS5.4AI score0.00222EPSS
Exploits0References1
CVE
CVE
added 2026/06/05 7:26 p.m.27 views

CVE-2026-25620

The CVE-2026-25620 issue affects Arista Edge Threat Management NGFW (Captive Portal) in version 17.4.0 and earlier. It is a command injection vulnerability within the Captive Portal application framework that can be triggered by actions performed via the NGFW UI, requiring administrative access. ...

7CVSS5.5AI score0.0988EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/05 7:26 p.m.8 views

CVE-2026-25620

An encrypted password command injection vulnerability exists in the Captive Portal application framework of Arista Edge Threat Management - Arista Next Generation Firewall NGFW. This issue uniquely affects version 17.4.0; earlier software releases are not exposed...

7CVSS5.5AI score0.0988EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/06/05 7:26 p.m.12 views

EUVD-2026-34903

An encrypted password command injection vulnerability exists in the Captive Portal application framework of Arista Edge Threat Management - Arista Next Generation Firewall NGFW. This issue uniquely affects version 17.4.0; earlier software releases are not exposed...

7CVSS5.5AI score0.0988EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/05 7:26 p.m.10 views

CVE-2026-25620 Arista Edge Threat Management NGFW Captive Portal Encrypted Password Command Injection

An encrypted password command injection vulnerability exists in the Captive Portal application framework of Arista Edge Threat Management - Arista Next Generation Firewall NGFW. This issue uniquely affects version 17.4.0; earlier software releases are not exposed...

7CVSS5.5AI score0.0988EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/05 12:0 a.m.15 views

PT-2026-47046

Name of the Vulnerable Software and Affected Versions Arista Edge Threat Management - Arista Next Generation Firewall NGFW version 17.4.0 Description An infrastructure issue in the Reports application is caused by insecure input validation, which occurs when a program does not properly verify the...

7CVSS5.4AI score0.00222EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.11 views

Arista Edge Threat Management - Arista Next Generation Firewall 安全漏洞

Arista Edge Threat Management – Arista Next Generation Firewall is a unified network security platform developed by the American company Arista. It integrates next-generation firewalls, intrusion prevention, web filtering, application control, and network threat protection capabilities. Version...

7CVSS5.3AI score0.0988EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.13 views

Arista Edge Threat Management - Arista Next Generation Firewall 安全漏洞

Arista Edge Threat Management – Arista Next Generation Firewall is a unified network security platform developed by the American company Arista. It integrates next-generation firewalls, intrusion prevention, web filtering, application control, and network threat protection capabilities. There are...

7CVSS5.9AI score0.0988EPSS
Exploits0References1
Arista
Arista
added 2026/02/03 12:0 a.m.36 views

Security Advisory 0133

Security Advisory 0133 PDF Date: February 3, 2026 Revision | Date | Changes ---|---|--- 1.0 | February 3, 2026 | Initial release Description Several vulnerabilities exist for the Arista Edge Threat Management - Arista NG Firewall NGFW. On affected platforms, an administrative account logged into...

7.2CVSS5.6AI score0.11737EPSS
Exploits0
CNNVD
CNNVD
added 2025/10/23 12:0 a.m.9 views

Arista Edge Threat Management - Arista Next Generation Firewall Versions 安全漏洞

Arista Edge Threat Management - Arista Next Generation Firewall Versions is a next-generation firewall from Arista USA. A security vulnerability exists in Arista Edge Threat Management - Arista Next Generation Firewall Versions, which stems from a Captive Portal that could expose sensitive...

7.5CVSS6.6AI score0.00437EPSS
Exploits2References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-25082

Malicious code in bioql PyPI...

8.8CVSS8.4AI score0.08794EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/10 12:0 a.m.4 views

Arista NG Firewall 安全漏洞

Arista NG Firewall is a WEB firewall from Arista USA. A security vulnerability exists in Arista Edge Threat Management - Arista NG Firewall that originates from a user with advanced reporting application access rights can perform unauthorized actions...

7.6CVSS6.7AI score0.00406EPSS
Exploits0References1
Rows per page
Query Builder