#VU126175 OS Command Injection in Arista Edge Threat Management - Arista NG Firewall (NGFW) - CVE-2026-25620

 


Published: April 15, 2026


Vulnerability identifier: #VU126175
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2026-25620
CWE-ID: CWE-78
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vulnerable software: Arista Edge Threat Management - Arista NG Firewall (NGFW)
Software vendor: Arista Networks

Description

The vulnerability allows a remote user to execute arbitrary commands.

The vulnerability exists due to command injection in the encrypted password handling functionality of the Captive Portal application when processing crafted input in the NGFW user interface. A remote privileged user can submit crafted input to execute arbitrary commands.

Only systems with the Captive Portal application installed and enabled, and with Captive Portal Basic Login enabled, are vulnerable.


Remediation

Install the security update from the vendor's website.

External links