← ExploitWatch
HomeExploited Vulnerabilities

CVE-2021-40870 — Actively Exploited: Aviatrix Controller (Aviatrix)

Unrestricted upload of a file with a dangerous type is possible, which allows an unauthenticated user to execute arbitrary code via directory traversal.

CVE IDCVE-2021-40870
VendorAviatrix
ProductAviatrix Controller
Vulnerability nameAviatrix Controller Unrestricted Upload of File
Date added2022-01-18
Remediation due2022-02-01
Known ransomware useUnknown
Required actionApply updates per vendor instructions.
DescriptionUnrestricted upload of a file with a dangerous type is possible, which allows an unauthenticated user to execute arbitrary code via directory traversal.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →