A vulnerability has been found in Arista Edge Threat Management 17.4.0 and classified as critical . The affected element is an unknown function of the component Captive Portal Application Framework . This manipulation causes os command injection. This vulnerability is handled as CVE-2026-25620 . The attack can be initiated remotely. There is not any exploit available.