Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdiGereon HuppertzZDI-24-364
HistoryApr 09, 2024 - 12:00 a.m.

Arista NG Firewall ReportEntry SQL Injection Remote Code Execution Vulnerability

2024-04-0900:00:00
Gereon Huppertz
www.zerodayinitiative.com
9
arista ng firewall
sql injection
remote code execution
authentication
reportentry class
user-supplied string
sql queries
postgres user

8.1 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

29.0%

JSON

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Arista NG Firewall. Authentication is required to exploit this vulnerability. The specific flaw exists within the ReportEntry class. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute code in the context of the postgres user.

Related

cve 1
prion 1
arista 1
cvelist 1
nvd 1
cve
cve
CVE-2024-27889
2024-03-04 20:15:50
prion
prion
Sql injection
2024-03-04 20:15:00
arista
arista
Security Advisory 0093
2024-02-28 00:00:00
cvelist
cvelist
CVE-2024-27889 Multiple SQL Injection vulnerabilities exist in the reporting application of the Arista Edge Threat Management - Arista NG Firewall (NGFW).
2024-03-04 19:32:33
nvd
nvd
CVE-2024-27889
2024-03-04 20:15:50

8.1 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

29.0%

JSON
Related for ZDI-24-364
cve1prion1arista1cvelist1nvd1