Skip to main content

Ng Firewall CVE-2024-12829

HIGH
OS Command Injection (CWE-78)
2024-12-20 zdi-disclosures@trendmicro.com
8.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
8.8 HIGH
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Dec 20, 2024 - 01:15 nvd
HIGH 8.8

DescriptionNVD

Arista NG Firewall ExecManagerImpl Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Arista NG Firewall. Authentication is required to exploit this vulnerability.

The specific flaw exists within the ExecManagerImpl class. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-24015.

AnalysisAI

Arista NG Firewall ExecManagerImpl Command Injection Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as OS Command Injection (CWE-78), which allows attackers to execute arbitrary operating system commands on the host. Arista NG Firewall ExecManagerImpl Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Arista NG Firewall. Authentication is required to exploit this vulnerability. The specific flaw exists within the ExecManagerImpl class. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-24015. Affected products include: Arista Ng Firewall.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Avoid passing user input to shell commands. Use language-specific APIs instead of shell execution. Apply strict input validation with allowlists.

CVE-2025-2767 CRITICAL
9.6 Apr 23

Arista NG Firewall User-Agent Cross-Site Scripting Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.

CVE-2024-27889 HIGH
8.8 Mar 04

Multiple SQL Injection vulnerabilities exist in the reporting application of the Arista Edge Threat Management - Arista

CVE-2024-12831 HIGH
7.8 Dec 20

Arista NG Firewall uvm_login Incorrect Authorization Privilege Escalation Vulnerability. Rated high severity (CVSS 7.8),

CVE-2024-12830 HIGH
7.3 Dec 20

Arista NG Firewall custom_handler Directory Traversal Remote Code Execution Vulnerability. Rated high severity (CVSS 7.3

CVE-2019-18647 HIGH
7.2 Nov 14

The Untangle NG firewall 14.2.0 is vulnerable to an authenticated command injection when logged in as an admin user. Rat

CVE-2019-18646 HIGH
7.2 Nov 14

The Untangle NG firewall 14.2.0 is vulnerable to authenticated inline-query SQL injection within the timeDataDynamicColu

CVE-2026-25622 HIGH
7.0 Jun 05

Command injection in Arista Edge Threat Management Next Generation Firewall (NGFW) Captive Portal Custom Handler allows

CVE-2026-25620 HIGH
7.0 Jun 05

Command injection in Arista Edge Threat Management Next Generation Firewall (NGFW) version 17.4.0 allows authenticated h

CVE-2026-25623 HIGH
7.0 Jun 05

Authenticated command injection in Arista Edge Threat Management Next Generation Firewall (NGFW) allows administrators w

CVE-2026-25621 HIGH
7.0 Jun 05

Command injection in Arista Edge Threat Management Next Generation Firewall (NGFW) version 17.4.0 allows high-privileged

CVE-2024-12832 MEDIUM
6.3 Dec 20

Arista NG Firewall ReportEntry SQL Injection Arbitrary File Read and Write Vulnerability. Rated medium severity (CVSS 6.

CVE-2026-25624 MEDIUM
5.8 Jun 05

Cross-site scripting in the Arista Edge Threat Management Next Generation Firewall web UI dashboard allows a high-privil

Share

CVE-2024-12829 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy