CVE-2026-25620

MEDIUM NVD

CVSS Score 6

Severity MEDIUM

Published Jun 05, 2026

Vendor unknown

Description

An encrypted password command injection vulnerability exists in the Captive Portal application framework of Arista Edge Threat Management - Arista Next Generation Firewall (NGFW). This issue uniquely affects version 17.4.0; earlier software releases are not exposed.

References

https://www.arista.com/en/support/advisories-notices/security-advisory/22867-security-advisory-0133