octdev - Security Researcher - Exploit Intelligence Platform

CVE-2021-40870 NOMISEC CRITICAL WORKING POC

Aviatrix Controller <6.5-1804.1922 - Code Injection

An issue was discovered in Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a file with a dangerous type is possible, which allows an unauthenticated user to execute arbitrary code via directory traversal.

3 stars

CVSS 9.8

View Code

CVE-2021-40870 INTHEWILD CRITICAL WORKING POC

Aviatrix Controller <6.5-1804.1922 - Code Injection

An issue was discovered in Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a file with a dangerous type is possible, which allows an unauthenticated user to execute arbitrary code via directory traversal.

CVSS 9.8

View Code

CVE-2021-40870 INTHEWILD CRITICAL WORKING POC

Aviatrix Controller <6.5-1804.1922 - Code Injection

An issue was discovered in Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a file with a dangerous type is possible, which allows an unauthenticated user to execute arbitrary code via directory traversal.

CVSS 9.8

View Code