VYPR

Ng Firewall

by Arista

CVEs (5)

  • CVE-2026-25623MedJun 5, 2026
    risk 0.39cvss 6.0epss 0.06

    An input validation command execution vulnerability exists in the browser management pipeline of Arista Edge Threat Management - Arista Next Generation Firewall (NGFW). Authenticated administrators can leverage this exposure to obtain underlying terminal script code processing…

  • CVE-2026-25622MedJun 5, 2026
    risk 0.39cvss 6.0epss 0.10

    A Captive Portal Custom Handler command injection vulnerability exists in Arista Edge Threat Management - Arista Next Generation Firewall (NGFW). On affected platforms, an administrative account logged into the user interface can exploit this input handling behavior to execute…

  • CVE-2026-25621MedJun 5, 2026
    risk 0.39cvss 6.0epss 0.00

    A Reports application infrastructure vulnerability exists in Arista Edge Threat Management - Arista Next Generation Firewall (NGFW) due to insecure input validation. This issue uniquely affects version 17.4.0; earlier software releases are not exposed.

  • CVE-2026-25620MedJun 5, 2026
    risk 0.39cvss 6.0epss 0.10

    An encrypted password command injection vulnerability exists in the Captive Portal application framework of Arista Edge Threat Management - Arista Next Generation Firewall (NGFW). This issue uniquely affects version 17.4.0; earlier software releases are not exposed.

  • CVE-2026-25624MedJun 5, 2026
    risk 0.37cvss 5.7epss 0.00

    An administrative cross-site scripting (XSS) vulnerability exists in the web user interface dashboard layout of Arista Edge Threat Management - Arista Next Generation Firewall (NGFW). Unvalidated user-supplied variables are echoed back to administrative profiles, facilitating…