CVE-2026-25622

MEDIUM NVD

CVSS Score 6

Severity MEDIUM

Published Jun 05, 2026

Vendor unknown

Description

A Captive Portal Custom Handler command injection vulnerability exists in Arista Edge Threat Management - Arista Next Generation Firewall (NGFW). On affected platforms, an administrative account logged into the user interface can exploit this input handling behavior to execute arbitrary platform shell commands.

References

https://www.arista.com/en/support/advisories-notices/security-advisory/23399-security-advisory-0133