135 matches found
CVE-2026-25624 Arista Edge Threat Management NGFW UI Administrative Cross-Site Scripting
An administrative cross-site scripting XSS vulnerability exists in the web user interface dashboard layout of Arista Edge Threat Management - Arista Next Generation Firewall NGFW. Unvalidated user-supplied variables are echoed back to administrative profiles, facilitating vector payload processin...
CVE-2026-25624 Arista Edge Threat Management NGFW UI Administrative Cross-Site Scripting
An administrative cross-site scripting XSS vulnerability exists in the web user interface dashboard layout of Arista Edge Threat Management - Arista Next Generation Firewall NGFW. Unvalidated user-supplied variables are echoed back to administrative profiles, facilitating vector payload processin...
EUVD-2026-34911
An administrative cross-site scripting XSS vulnerability exists in the web user interface dashboard layout of Arista Edge Threat Management - Arista Next Generation Firewall NGFW. Unvalidated user-supplied variables are echoed back to administrative profiles, facilitating vector payload processin...
EUVD-2026-34909
An input validation command execution vulnerability exists in the browser management pipeline of Arista Edge Threat Management - Arista Next Generation Firewall NGFW. Authenticated administrators can leverage this exposure to obtain underlying terminal script code processing execution permissions...
CVE-2026-25623
CVE-2026-25623 describes a command execution vulnerability in the browser management pipeline of Arista Edge Threat Management NGFW. The issue requires an authenticated administrative user with UI access and affects NGFW versions up to 17.4.0. The advisory indicates the vulnerability allows an ad...
CVE-2026-25622 Arista Edge Threat Management NGFW Captive Portal Custom Handler Command Injection
A Captive Portal Custom Handler command injection vulnerability exists in Arista Edge Threat Management - Arista Next Generation Firewall NGFW. On affected platforms, an administrative account logged into the user interface can exploit this input handling behavior to execute arbitrary platform...
CVE-2026-25621
A Reports application infrastructure vulnerability exists in Arista Edge Threat Management - Arista Next Generation Firewall NGFW due to insecure input validation. This issue uniquely affects version 17.4.0; earlier software releases are not exposed...
CVE-2026-25621
Arista NGFW (Arista Edge Threat Management) Reports application is affected by insecure input validation in version 17.4.0. The vulnerability affects the Reports component (Import/Restore Data Backup Files field) and requires administrative UI access. No exploitation details are provided in the d...
CVE-2026-25621 Arista Edge Threat Management NGFW Reports Application Insecure Input Validation
A Reports application infrastructure vulnerability exists in Arista Edge Threat Management - Arista Next Generation Firewall NGFW due to insecure input validation. This issue uniquely affects version 17.4.0; earlier software releases are not exposed...
EUVD-2026-34903
An encrypted password command injection vulnerability exists in the Captive Portal application framework of Arista Edge Threat Management - Arista Next Generation Firewall NGFW. This issue uniquely affects version 17.4.0; earlier software releases are not exposed...
Arista Edge Threat Management - Arista Next Generation Firewall 安全漏洞
Arista Edge Threat Management – Arista Next Generation Firewall is a unified network security platform developed by the American company Arista. It integrates next-generation firewalls, intrusion prevention, web filtering, application control, and network threat protection capabilities. Version...
Arista Edge Threat Management - Arista Next Generation Firewall 安全漏洞
Arista Edge Threat Management – Arista Next Generation Firewall is a unified network security platform developed by the American company Arista. It integrates next-generation firewalls, intrusion prevention, web filtering, application control, and network threat protection capabilities. There are...
PT-2026-47049
Name of the Vulnerable Software and Affected Versions Arista Edge Threat Management - Arista Next Generation Firewall NGFW affected versions not specified Description An administrative cross-site scripting XSS issue exists in the web user interface dashboard layout. Unvalidated user-supplied...
PT-2026-47047
Name of the Vulnerable Software and Affected Versions Arista Edge Threat Management - Arista Next Generation Firewall NGFW affected versions not specified Description A command injection issue exists in the Captive Portal Custom Handler. An administrative account logged into the user interface ca...
Arista Edge Threat Management - Arista Next Generation Firewall 安全漏洞
Arista Edge Threat Management – Arista Next Generation Firewall is a unified network security platform developed by the American company Arista. It integrates next-generation firewalls, intrusion prevention, web filtering, application control, and network threat protection capabilities. Version...
PT-2026-47046
Name of the Vulnerable Software and Affected Versions Arista Edge Threat Management - Arista Next Generation Firewall NGFW version 17.4.0 Description An infrastructure issue in the Reports application is caused by insecure input validation, which occurs when a program does not properly verify the...
CVE-2026-0265
An authentication bypass vulnerability in Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to bypass authentication controls when Cloud Authentication Service CAS is enabled. The risk is higher if CAS is enabled on the management interface and lower when...
CVE-2026-2624
Missing Authentication for Critical Function vulnerability in ePati Cyber Security Technologies Inc. Antikor Next Generation Firewall NGFW allows Authentication Bypass.This issue affects Antikor Next Generation Firewall NGFW: from v.2.0.1298 before v.2.0.1301...
CVE-2026-2624
Missing Authentication for Critical Function vulnerability in ePati Cyber Security Technologies Inc. Antikor Next Generation Firewall NGFW allows Authentication Bypass. This issue affects Antikor Next Generation Firewall NGFW: from v.2.0.1298 before v.2.0.1301...
CVE-2026-2624
CVE-2026-2624 affects Antikor Next Generation Firewall (NGFW) from ePati Cyber Security Technologies Inc. The issue is a Missing Authentication for Critical Function vulnerability that enables an authentication bypass. Affected versions are NGFW 2.0.1298 up to, but not including, 2.0.1301. The CV...