Vulnerability Details CVE-2026-25622
A Captive Portal Custom Handler command injection vulnerability exists in Arista Edge Threat Management - Arista Next Generation Firewall (NGFW). On affected platforms, an administrative account logged into the user interface can exploit this input handling behavior to execute arbitrary platform shell commands.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 33.9%
CVSS Severity
CVSS v3 Score 6.0
References
Products affected by CVE-2026-25622
-
cpe:2.3:a:arista:ng_firewall:13.0.0
-
cpe:2.3:a:arista:ng_firewall:13.1.0
-
cpe:2.3:a:arista:ng_firewall:13.1.1
-
cpe:2.3:a:arista:ng_firewall:13.2.0
-
cpe:2.3:a:arista:ng_firewall:13.2.1
-
cpe:2.3:a:arista:ng_firewall:14.0.0
-
cpe:2.3:a:arista:ng_firewall:14.0.1
-
cpe:2.3:a:arista:ng_firewall:14.1.0
-
cpe:2.3:a:arista:ng_firewall:14.1.1
-
cpe:2.3:a:arista:ng_firewall:14.1.2
-
cpe:2.3:a:arista:ng_firewall:14.2.0
-
cpe:2.3:a:arista:ng_firewall:14.2.1
-
cpe:2.3:a:arista:ng_firewall:14.2.2
-
cpe:2.3:a:arista:ng_firewall:15.0.0
-
cpe:2.3:a:arista:ng_firewall:15.1
-
cpe:2.3:a:arista:ng_firewall:15.1.1
-
cpe:2.3:a:arista:ng_firewall:15.1.2
-
cpe:2.3:a:arista:ng_firewall:16.0
-
cpe:2.3:a:arista:ng_firewall:16.1
-
cpe:2.3:a:arista:ng_firewall:16.2
-
cpe:2.3:a:arista:ng_firewall:16.2.1
-
cpe:2.3:a:arista:ng_firewall:16.2.2
-
cpe:2.3:a:arista:ng_firewall:16.3
-
cpe:2.3:a:arista:ng_firewall:16.3.2
-
cpe:2.3:a:arista:ng_firewall:16.4
-
cpe:2.3:a:arista:ng_firewall:16.4.1
-
cpe:2.3:a:arista:ng_firewall:16.5
-
cpe:2.3:a:arista:ng_firewall:16.5.1
-
cpe:2.3:a:arista:ng_firewall:16.5.2
-
cpe:2.3:a:arista:ng_firewall:16.6
-
cpe:2.3:a:arista:ng_firewall:16.6.1
-
cpe:2.3:a:arista:ng_firewall:16.6.2
-
cpe:2.3:a:arista:ng_firewall:17.0
-
cpe:2.3:a:arista:ng_firewall:17.1
-
cpe:2.3:a:arista:ng_firewall:17.1.1
-
cpe:2.3:a:arista:ng_firewall:17.2
-
cpe:2.3:a:arista:ng_firewall:17.3
-
cpe:2.3:a:arista:ng_firewall:17.3.1
-
cpe:2.3:a:arista:ng_firewall:17.4