Vulnerabilities > Arista > NG Firewall > High

DATE CVE VULNERABILITY TITLE RISK
2024-12-20 CVE-2024-12829 OS Command Injection vulnerability in Arista NG Firewall 17.1.1
Arista NG Firewall ExecManagerImpl Command Injection Remote Code Execution Vulnerability.
network
low complexity
arista CWE-78
8.8
8.8
2024-12-20 CVE-2024-12830 Path Traversal vulnerability in Arista NG Firewall 17.1.1
Arista NG Firewall custom_handler Directory Traversal Remote Code Execution Vulnerability.
network
low complexity
arista CWE-22
7.3
7.3
2024-12-20 CVE-2024-12831 Incorrect Authorization vulnerability in Arista NG Firewall 17.1.1
Arista NG Firewall uvm_login Incorrect Authorization Privilege Escalation Vulnerability.
local
low complexity
arista CWE-863
7.8
7.8