## https://sploitus.com/exploit?id=351AF35D-0027-5E10-A8BC-9250CC3215F0
# Arista NGFW Sensitive Information Disclosure Check
Arista NGFW CVE-2025-6980 scanner by Bishop Fox
- Tests a target for info disclosure CVE-2025-6980
- Does not perform any administrative actions on the target
For more information about this vulnerability, refer to the [Bishop Fox blog](https://bishopfox.com/blog/arista-firewall-xss-to-rce-chain).
## Setup
```sh
git clone https://github.com/BishopFox/CVE-2025-6980-check
cd CVE-2025-6980-check
python3 -m pip install requests
```
## Usage
```sh
python3 scan.py http[s]://[TARGET]
```
## Examples
```sh
# Vulnerable target
$ python3 scan.py https://example1.com
[*] Testing https://example1.com
[!] Target is VULNERABLE - update immediately!
# Unaffected target
$ python3 scan.py https://example2.com
[*] Testing https://example2.com
[+] Target is not affected
# Invalid target
$ python3 scan.py https://example3.com
[*] Testing https://example3.com
[-] Target does not appear to be Arista NGFW
```
## License
This code is distributed under an [MIT license](LICENSE).