cvebase

Arista NG Firewall vulnerabilities

20 known vulnerabilities affecting arista/ng_firewall.

Total CVEs: 20
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 2, HIGH 10, MEDIUM 8

Vulnerabilities

CVE-2024-12829 | P2 | HIGH | CVSS 8.8 | v17.1.1 | 2024-12-20
CWE-78. Arista NG Firewall ExecManagerImpl Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Arista NG Firewall. Authentication is required to exploit this vulnerability. The specific flaw exists within the ExecManagerImpl class. The issue results from the l
Source: NVD
CVE-2024-27889 | P2 | HIGH | CVSS 8.8 | ≤ 17.0 | 2024-03-04
CWE-89. Multiple SQL Injection vulnerabilities exist in the reporting application of the Arista Edge Threat Management - Arista NG Firewall (NGFW). A user with advanced report application access rights can exploit the SQL injection, allowing them to execute commands on the underlying operating system with elevated privileges.
Source: NVD
CVE-2025-2767 | P3 | CRITICAL | CVSS 9.6 | v17.1.1 | 2025-04-23
CWE-79. Arista NG Firewall User-Agent Cross-Site Scripting Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Arista NG Firewall. Minimal user interaction is required to exploit this vulnerability. The specific flaw exists within the processing of the User-Agent HTTP header.
Source: NVD
CVE-2024-12830 | P3 | HIGH | CVSS 7.3 | v17.1.1 | 2024-12-20
CWE-22. Arista NG Firewall custom_handler Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Arista NG Firewall. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the custom_handler method. T
Source: NVD
CVE-2026-25622 | P3 | MEDIUM | CVSS 6.0 | fixed in 17.4.1 | 2026-06-05
CWE-78. A Captive Portal Custom Handler command injection vulnerability exists in Arista Edge Threat Management - Arista Next Generation Firewall (NGFW). On affected platforms, an administrative account logged into the user interface can exploit this input handling behavior to execute arbitrary platform shell commands.
Source: NVD
CVE-2024-9134 | P3 | HIGH | CVSS 8.3 | fixed in 17.2 | 2025-01-10
CWE-89. Multiple SQL Injection vulnerabilities exist in the reporting application. A user with advanced report application access rights can exploit the SQL injection, allowing them to execute commands on the underlying operating system with elevated privileges.
Source: NVD
CVE-2024-9131 | P3 | HIGH | CVSS 7.2 | ≤ 17.1.1 | 2025-01-10
CWE-88. A user with administrator privileges can perform command injection
Source: NVD
CVE-2026-25620 | P3 | MEDIUM | CVSS 6.0 | v17.4 | 2026-06-05
CWE-78. An encrypted password command injection vulnerability exists in the Captive Portal application framework of Arista Edge Threat Management - Arista Next Generation Firewall (NGFW). This issue uniquely affects version 17.4.0; earlier software releases are not exposed.
Source: NVD
CVE-2024-9132 | P3 | CRITICAL | CVSS 9.8 | ≤ 17.1.1 | 2025-01-10
CWE-94. The administrator is able to configure an insecure captive portal script
Source: NVD
CVE-2024-47518 | P3 | HIGH | CVSS 7.6 | ≤ 17.1.1 | 2025-01-10
CWE-552. Specially constructed queries targeting ETM could discover active remote access sessions
Source: NVD
CVE-2026-25623 | P3 | MEDIUM | CVSS 6.0 | fixed in 17.4.1 | 2026-06-05
CWE-78. An input validation command execution vulnerability exists in the browser management pipeline of Arista Edge Threat Management - Arista Next Generation Firewall (NGFW). Authenticated administrators can leverage this exposure to obtain underlying terminal script code processing execution permissions.
Source: NVD
CVE-2024-12832 | P3 | MEDIUM | CVSS 6.3 | v17.1.1 | 2024-12-20
CWE-89. Arista NG Firewall ReportEntry SQL Injection Arbitrary File Read and Write Vulnerability. This vulnerability allows remote attackers to create arbitrary files and disclose sensitive information on affected installations of Arista NG Firewall. Authentication is required to exploit this vulnerability. The specific flaw exists within the ReportEntry cl
Source: NVD
CVE-2024-12831 | P3 | HIGH | CVSS 7.8 | v17.1.1 | 2024-12-20
CWE-863. Arista NG Firewall uvm_login Incorrect Authorization Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Arista NG Firewall. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific fl
Source: NVD
CVE-2024-9188 | P3 | HIGH | CVSS 8.8 | fixed in 17.2 | 2025-01-10
CWE-79. Specially constructed queries cause cross platform scripting leaking administrator tokens
Source: NVD
CVE-2024-47520 | P3 | HIGH | CVSS 7.6 | ≤ 17.1.1 | 2025-01-10
CWE-653. A user with advanced report application access rights can perform actions for which they are not authorized
Source: NVD
CVE-2024-47517 | P3 | MEDIUM | CVSS 6.8 | ≤ 17.1.1 | 2025-01-10
CWE-1230. Expired and unusable administrator authentication tokens can be revealed by units that have timed out from ETM access
Source: NVD
CVE-2024-47519 | P4 | HIGH | CVSS 7.1 | ≤ 17.1.1 | 2025-01-10
CWE-322. Backup uploads to ETM subject to man-in-the-middle interception
Source: NVD
CVE-2026-25621 | P4 | MEDIUM | CVSS 6.0 | v17.4 | 2026-06-05
CWE-78. A Reports application infrastructure vulnerability exists in Arista Edge Threat Management - Arista Next Generation Firewall (NGFW) due to insecure input validation. This issue uniquely affects version 17.4.0; earlier software releases are not exposed.
Source: NVD
CVE-2024-9133 | P4 | MEDIUM | CVSS 5.6 | ≤ 17.1.1 | 2025-01-10
CWE-287. A user with administrator privileges is able to retrieve authentication tokens
Source: NVD
CVE-2026-25624 | P4 | MEDIUM | CVSS 4.8 | fixed in 17.4.1 | 2026-06-05
CWE-79. An administrative cross-site scripting (XSS) vulnerability exists in the web user interface dashboard layout of Arista Edge Threat Management - Arista Next Generation Firewall (NGFW). Unvalidated user-supplied variables are echoed back to administrative profiles, facilitating vector payload processing behavior controls.
Source: NVD