📦 Ng Firewall

This critical vulnerability in Arista NG Firewall allows remote attackers to execute arbitrary code with root privileges by exploiting a cross-site scripting flaw in User-Agent header processing. Atta...

Multiple SQL injection vulnerabilities in the reporting application allow authenticated users with advanced report access rights to execute arbitrary SQL commands. Successful exploitation can lead to ...

CVE-2024-9188 is a cross-site scripting vulnerability in Arista products that allows attackers to inject malicious scripts via specially crafted queries. When exploited, this can leak administrator au...

CVE-2024-47519 is a man-in-the-middle vulnerability in Arista's ETM backup upload functionality that allows attackers to intercept and potentially modify backup data during transmission. This affects ...

This vulnerability allows users with advanced report application access rights to perform unauthorized actions beyond their intended permissions. It affects Arista EOS systems where users have been gr...

This CVE allows administrators to execute arbitrary commands through command injection in Arista products. Attackers with admin privileges can exploit this to gain unauthorized system access. Organiza...

This vulnerability allows administrators to configure insecure captive portal scripts in Arista EOS devices, potentially enabling remote code execution. Attackers could exploit this to execute arbitra...

This vulnerability allows unauthenticated remote attackers to execute arbitrary code on Arista NG Firewall systems via directory traversal in the custom_handler method. Attackers can exploit improper ...

This CVE describes SQL injection vulnerabilities in Arista Edge Threat Management (NGFW) reporting application. Authenticated users with advanced report access can exploit these vulnerabilities to exe...

This vulnerability allows administrators to retrieve authentication tokens, potentially enabling privilege escalation or lateral movement. It affects Arista network devices where administrators have a...

This vulnerability allows attackers to obtain expired administrator authentication tokens from network devices that have timed out from ETM (Embedded Test and Management) access. This affects Arista n...

This SQL injection vulnerability in Arista NG Firewall's ReportEntry class allows authenticated attackers to read and write arbitrary files on affected systems. Attackers can leverage this to disclose...