This vulnerability is an input validation flaw that allows arbitrary command execution within the browser management pipeline of the Arista Edge Threat Management NGFW. Authenticated administrators who can access the administrative browser interface can send specially crafted requests that are passed to underlying terminal scripts, enabling the execution of arbitrary commands on the device. The issue is classified under CWE-78, indicating a command injection weakness that can compromise confidentiality, integrity, and availability of the firewall system if exploited.

The affected product is Arista Networks’ Arista Edge Threat Management – Arista Next Generation Firewall (NGFW). Affected versions are not listed in the advisory; however, the vendor recommends upgrading to NGFW Version 17.4.1 to mitigate the issue.

The CVSS score of 7 reflects a medium to high severity vulnerability. EPSS 6% indicates a moderate exploitation probability, and the issue is not included in CISA’s KEV catalog, suggesting no large-scale exploitation has been observed yet. The attack vector is inferred to be via the web-based administrative interface, and authentication is required (an administrator account). Given these factors, the risk remains moderate to high for organizations that expose the GUI to potential attackers or have weak internal access controls.