CVE-2025-2767

Critical CVSS: 9.6

Arista NG Firewall User-Agent Cross-Site Scripting Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Arista NG Firewall. Minimal user interaction is required to exploit this vulnerability.

The specific flaw exists within the processing of the User-Agent HTTP header. The issue results from the lack of proper validation of user-supplied data, which can lead to the injection of an arbitrary script. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-24407.

Vendor

Arista

Product

Ng Firewall

CWE

CWE-79

Yayın Tarihi

2025-04-23 17:16:54

Güncelleme

2025-08-14 14:40:30

Source Identifier

zdi-disclosures@trendmicro.com

KEV Date Added

Kategoriler

CWE-79 Ng Firewall CRITICAL Arista 2025

Referanslar

https://www.zerodayinitiative.com/advisories/ZDI-25-181/

Benzer Kayıtlar

High

CVE-2024-9134

Multiple SQL Injection vulnerabilities exist in the reporting application. A user with advanced report application acce…

High

CVE-2024-9188

Specially constructed queries cause cross platform scripting leaking administrator tokens

Medium

CVE-2024-9133

A user with administrator privileges is able to retrieve authentication tokens

Medium

CVE-2024-47518

Specially constructed queries targeting ETM could discover active remote access sessions

High

CVE-2024-47519

Backup uploads to ETM subject to man-in-the-middle interception

High

CVE-2024-47520

A user with advanced report application access rights can perform actions for which they are not authorized