EUVD-2026-34911

An administrative cross-site scripting XSS vulnerability exists in the web user interface dashboard layout of Arista Edge Threat Management - Arista Next Generation Firewall NGFW. Unvalidated user-supplied variables are echoed back to administrative profiles, facilitating vector payload processin...

CVE-2026-25624 Arista Edge Threat Management NGFW UI Administrative Cross-Site Scripting

An administrative cross-site scripting XSS vulnerability exists in the web user interface dashboard layout of Arista Edge Threat Management - Arista Next Generation Firewall NGFW. Unvalidated user-supplied variables are echoed back to administrative profiles, facilitating vector payload processin...

CVE-2026-25624 Arista Edge Threat Management NGFW UI Administrative Cross-Site Scripting

An administrative cross-site scripting XSS vulnerability exists in the web user interface dashboard layout of Arista Edge Threat Management - Arista Next Generation Firewall NGFW. Unvalidated user-supplied variables are echoed back to administrative profiles, facilitating vector payload processin...

CVE-2026-25623

CVE-2026-25623 describes a command execution vulnerability in the browser management pipeline of Arista Edge Threat Management NGFW. The issue requires an authenticated administrative user with UI access and affects NGFW versions up to 17.4.0. The advisory indicates the vulnerability allows an ad...

EUVD-2026-34909

An input validation command execution vulnerability exists in the browser management pipeline of Arista Edge Threat Management - Arista Next Generation Firewall NGFW. Authenticated administrators can leverage this exposure to obtain underlying terminal script code processing execution permissions...

CVE-2026-25622 Arista Edge Threat Management NGFW Captive Portal Custom Handler Command Injection

A Captive Portal Custom Handler command injection vulnerability exists in Arista Edge Threat Management - Arista Next Generation Firewall NGFW. On affected platforms, an administrative account logged into the user interface can exploit this input handling behavior to execute arbitrary platform...

CVE-2026-25621 Arista Edge Threat Management NGFW Reports Application Insecure Input Validation

A Reports application infrastructure vulnerability exists in Arista Edge Threat Management - Arista Next Generation Firewall NGFW due to insecure input validation. This issue uniquely affects version 17.4.0; earlier software releases are not exposed...

CVE-2026-25621

Arista NGFW (Arista Edge Threat Management) Reports application is affected by insecure input validation in version 17.4.0. The vulnerability affects the Reports component (Import/Restore Data Backup Files field) and requires administrative UI access. No exploitation details are provided in the d...

CVE-2026-25621

A Reports application infrastructure vulnerability exists in Arista Edge Threat Management - Arista Next Generation Firewall NGFW due to insecure input validation. This issue uniquely affects version 17.4.0; earlier software releases are not exposed...

EUVD-2026-34903

An encrypted password command injection vulnerability exists in the Captive Portal application framework of Arista Edge Threat Management - Arista Next Generation Firewall NGFW. This issue uniquely affects version 17.4.0; earlier software releases are not exposed...

PT-2026-47049

Name of the Vulnerable Software and Affected Versions Arista Edge Threat Management - Arista Next Generation Firewall NGFW affected versions not specified Description An administrative cross-site scripting XSS issue exists in the web user interface dashboard layout. Unvalidated user-supplied...

PT-2026-47047

Name of the Vulnerable Software and Affected Versions Arista Edge Threat Management - Arista Next Generation Firewall NGFW affected versions not specified Description A command injection issue exists in the Captive Portal Custom Handler. An administrative account logged into the user interface ca...

PT-2026-47046

Name of the Vulnerable Software and Affected Versions Arista Edge Threat Management - Arista Next Generation Firewall NGFW version 17.4.0 Description An infrastructure issue in the Reports application is caused by insecure input validation, which occurs when a program does not properly verify the...

CVE-2026-0265

An authentication bypass vulnerability in Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to bypass authentication controls when Cloud Authentication Service CAS is enabled. The risk is higher if CAS is enabled on the management interface and lower when...

CVE-2026-2624

Missing Authentication for Critical Function vulnerability in ePati Cyber ​​Security Technologies Inc. Antikor Next Generation Firewall NGFW allows Authentication Bypass.This issue affects Antikor Next Generation Firewall NGFW: from v.2.0.1298 before v.2.0.1301...

CVE-2026-2624

Missing Authentication for Critical Function vulnerability in ePati Cyber ​​Security Technologies Inc. Antikor Next Generation Firewall NGFW allows Authentication Bypass. This issue affects Antikor Next Generation Firewall NGFW: from v.2.0.1298 before v.2.0.1301...

CVE-2026-2624

CVE-2026-2624 affects Antikor Next Generation Firewall (NGFW) from ePati Cyber Security Technologies Inc. The issue is a Missing Authentication for Critical Function vulnerability that enables an authentication bypass. Affected versions are NGFW 2.0.1298 up to, but not including, 2.0.1301. The CV...

PT-2026-21902

Name of the Vulnerable Software and Affected Versions ePati Cyber Security Technologies Inc. Antikor Next Generation Firewall NGFW versions prior to 2.0.1301 Description A missing authentication check for a critical function in the Antikor Next Generation Firewall NGFW allows an attacker to bypas...

Arista Edge Threat Management - Arista Next Generation Firewall Versions 安全漏洞

Arista Edge Threat Management - Arista Next Generation Firewall Versions is a next-generation firewall from Arista USA. A security vulnerability exists in Arista Edge Threat Management - Arista Next Generation Firewall Versions, which stems from a Captive Portal that could expose sensitive...

Arista Edge Threat Management - Arista Next Generation Firewall Versions 安全漏洞

Arista Edge Threat Management - Arista Next Generation Firewall Versions is a next-generation firewall from Arista USA. A security vulnerability exists in Arista Edge Threat Management - Arista Next Generation Firewall Versions that stems from a diagnostic command injection flaw...