CVE-2026-25623
Published 2026-06-05
Priority: P3 · 44 · medium · 6 (CVSS 3.1)
AV:N / AC:L / PR:H / UI:N / S:U / C:H / I:L / A:L
EPSS: 6.17% (92.6th percentile)
An input validation command execution vulnerability exists in the browser management pipeline of Arista Edge Threat Management - Arista Next Generation Firewall (NGFW). Authenticated administrators can leverage this exposure to obtain underlying terminal script code processing execution permissions.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| arista | ng_firewall | < 17.4.1 | 17.4.1 |
| arista_networks | arista_edge_threat_management_arista_next_generation_firewall | <= 17.4.0 | — |
CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 6.0 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L |
| nvd | v4.0 | 7.0 | HIGH | CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:L/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:P/AU:X/R:X/V:X/RE:X/U:X |
VulDB
Arista Edge Threat Management up to 17.4.0 os command injection
vuldb·2026-06-06·CVSS 7.0
CVE-2026-25623 [HIGH] Arista Edge Threat Management up to 17.4.0 os command injection
A vulnerability was found in Arista Edge Threat Management up to 17.4.0. It has been classified as critical. This affects an unknown function. Performing a manipulation results in os command injection.
This vulnerability was named CVE-2026-25623. The attack may be initiated remotely. There is no available exploit.
GHSA
An input validation command execution vulnerability exists in the browser management pipeline of Arista Edge Threat Management - Arista Next Generation Firewall (NGFW).
ghsa_unreviewed·2026-06-05
CVE-2026-25623 [HIGH] CWE-78 An input validation command execution vulnerability exists in the browser management pipeline of Arista Edge Threat Management - Arista Next Generation Firewall (NGFW).
An input validation command execution vulnerability exists in the browser management pipeline of Arista Edge Threat Management - Arista Next Generation Firewall (NGFW). Authenticated administrators can leverage this exposure to obtain underlying terminal script code processing execution permissions.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2026-06-05: Published