Loading market data...
← Back to CVE feed

CVE-2026-25622

MEDIUM CVSS 6.0 View on NVD ↗

Description

A Captive Portal Custom Handler command injection vulnerability exists in Arista Edge Threat Management - Arista Next Generation Firewall (NGFW). On affected platforms, an administrative account logged into the user interface can exploit this input handling behavior to execute arbitrary platform shell commands.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L
Published: Jun 05, 2026 20:17 UTC Modified: Jun 05, 2026 20:48 UTC