Unrestricted upload of a file with a dangerous type is possible, which allows an unauthenticated user to execute arbitrary code via directory traversal.
PoC: CVE-2021-40870
Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a file which allows an unauthenticated user to execute arbitrary code via directory traversal
PoC: CVE-2021-40870
Aviatrix allows an authenticated user to execute arbitrary code
PoC: CVE-2021-40870
Unrestricted upload of file with dangerous type in Aviatrix allows an authenticated user to execute arbitrary code
PoC: CVE-2021-40870
Unrestricted upload of file with dangerous type in Aviatrix allows an authenticated user to execute arbitrary code
Get alerted for CVEs like this
Register your stack and get notified within minutes when a matching CVE drops.
Start monitoring free