Share
## https://sploitus.com/exploit?id=351AF35D-0027-5E10-A8BC-9250CC3215F0
# Arista NGFW Sensitive Information Disclosure Check

Arista NGFW CVE-2025-6980 scanner by Bishop Fox

- Tests a target for info disclosure CVE-2025-6980
- Does not perform any administrative actions on the target

For more information about this vulnerability, refer to the [Bishop Fox blog](https://bishopfox.com/blog/arista-firewall-xss-to-rce-chain).

## Setup

```sh
git clone https://github.com/BishopFox/CVE-2025-6980-check
cd CVE-2025-6980-check
python3 -m pip install requests
```

## Usage

```sh
python3 scan.py http[s]://[TARGET]
```

## Examples

```sh
# Vulnerable target
$ python3 scan.py https://example1.com
[*] Testing https://example1.com
[!] Target is VULNERABLE - update immediately!

# Unaffected target
$ python3 scan.py https://example2.com
[*] Testing https://example2.com
[+] Target is not affected

# Invalid target
$ python3 scan.py https://example3.com
[*] Testing https://example3.com
[-] Target does not appear to be Arista NGFW
```

## License

This code is distributed under an [MIT license](LICENSE).