CVE-2025-6978: Arbitrary Code Execution in the Arista NG Firewall
ID: 2a766618-a714-5ed3-b75b-07b84f8aef81
STIX ID: report--2a766618-a714-5ed3-b75b-07b84f8aef81
Feed Name: Zero Day Initiative (ZDI) Blog
Threat Score
The report describes a command injection vulnerability in Arista NG Firewall: the NetworkManagerImpl.runTroubleshooting() JSON-RPC method concatenates user-provided parameters into environment variables and calls network-troubleshooting.sh via Runtime.getRuntime().exec(), where the script uses eval; input filtering omits characters like the backtick, enabling potential command injection.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.