CVE-2021-40870 — Actively Exploited: Aviatrix Controller (Aviatrix)
Unrestricted upload of a file with a dangerous type is possible, which allows an unauthenticated user to execute arbitrary code via directory traversal.
| CVE ID | CVE-2021-40870 |
|---|---|
| Vendor | Aviatrix |
| Product | Aviatrix Controller |
| Vulnerability name | Aviatrix Controller Unrestricted Upload of File |
| Date added | 2022-01-18 |
| Remediation due | 2022-02-01 |
| Known ransomware use | Unknown |
| Required action | Apply updates per vendor instructions. |
| Description | Unrestricted upload of a file with a dangerous type is possible, which allows an unauthenticated user to execute arbitrary code via directory traversal. |
| Source | CISA Known Exploited Vulnerabilities |
🔍 Search all exploited vulnerabilities →
$1499/mo
Try ExploitWatch →