Description

A Captive Portal Custom Handler command injection vulnerability exists in Arista Edge Threat Management - Arista Next Generation Firewall (NGFW). On affected platforms, an administrative account logged into the user interface can exploit this input handling behavior to execute arbitrary platform shell commands.

PUBLISHED Reserved 2026-02-03 | Published 2026-06-05 | Updated 2026-06-05 | Assigner Arista




MEDIUM: 6.0 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L)

HIGH: 7.0 (CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:L/SC:L/SI:L/SA:L/S:P)

Problem types

CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Product status

Default status: unaffected

Any version: affected

Credits

Jon Williams & Ronan Kervella from Bishop Fox (finder)

References

www.arista.com/...rity-advisory/23399-security-advisory-0133 (vendor-advisory)

cve.org (CVE-2026-25622)

nvd.nist.gov (CVE-2026-25622)
