Information security
fromZero Day Initiative
1 day agoZero Day Initiative - CVE-2025-6978: Arbitrary Code Execution in the Arista NG Firewall
Arista NG Firewall's runTroubleshooting() fails to properly validate inputs, enabling command injection by passing unsanitized environment variables to network-troubleshooting.sh.