VYPR
← All advisories
Medium severity6.0NVD Advisory· Published Jun 5, 2026· Updated Jun 5, 2026

CVE-2026-25622

CVE-2026-25622

Description

Arista NGFW Captive Portal handler allows administrative users to inject commands, leading to arbitrary shell command execution.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Arista NGFW Captive Portal handler allows administrative users to inject commands, leading to arbitrary shell command execution.

Vulnerability

A command injection vulnerability exists in the Captive Portal Custom Handler component of Arista Edge Threat Management - Arista Next Generation Firewall (NGFW) [1]. This issue affects affected platforms where an administrative account logged into the user interface can exploit this input handling behavior.

Exploitation

An attacker with administrative privileges logged into the Arista NGFW user interface can exploit this vulnerability by interacting with the Captive Portal Custom Handler. The attacker needs to provide specially crafted input to the handler, which is then processed in a way that allows for arbitrary platform shell commands to be executed [1].

Impact

Successful exploitation of this vulnerability allows an attacker to execute arbitrary platform shell commands with the privileges of the affected application. This could lead to unauthorized access, modification, or deletion of data, and potentially compromise the entire system [1].

Mitigation

Arista has released Security Advisory 0133 detailing this vulnerability, but a fixed version or specific mitigation steps are not yet disclosed in the available references [1]. Users are advised to monitor Arista's support page for updates regarding patches or workarounds.

References
  1. Security Advisory 0133 - Arista

AI Insight generated on Jun 5, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

1

Patches

0

No patches discovered yet.

Vulnerability mechanics

No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.

References

1

News mentions

0

No linked articles in our index yet.