Lucene search

CVE-2021-40870

🗓️ 13 Sep 2021 00:00:00Reported by AttackerKBType

An unrestricted file upload vulnerability in Aviatrix Controller 6.x before 6.5-1804.1922 allows unauthenticated users to execute arbitrary code via directory traversal

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 16
Hacker One	Informatica: CVE-2021-40870 in [███]	6 Oct 202104:33	–	hackerone
Hacker One	Elastic: CVE-2021-40870 on [52.204.160.31]	1 Oct 202120:20	–	hackerone
NVD	CVE-2021-40870	13 Sep 202108:15	–	nvd
Nuclei	Aviatrix Controller 6.x before 6.5-1804.1922 - Remote Command Execution	30 Sep 202106:57	–	nuclei
GithubExploit	Exploit for Interpretation Conflict in Aviatrix Controller	7 Oct 202117:19	–	githubexploit
GithubExploit	Exploit for Relative Path Traversal in Aviatrix Controller	8 Oct 202105:35	–	githubexploit
Vulnrichment	CVE-2021-40870	13 Sep 202107:41	–	vulnrichment
0day.today	Aviatrix Controller 6.x Path Traversal / Code Execution Exploit	12 Oct 202100:00	–	zdt
Packet Storm	Aviatrix Controller 6.x Path Traversal / Code Execution	11 Oct 202100:00	–	packetstorm
Check Point Advisories	Aviatrix Controller Directory Traversal (CVE-2021-40870)	30 Dec 202100:00	–	checkpoint_advisories

Source	Link
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
docs	www.docs.aviatrix.com/HowTos/UCC_Release_Notes.html
wearetradecraft	www.wearetradecraft.com/advisories/tc-2021-0002/
packetstormsecurity	www.packetstormsecurity.com/files/164461/Aviatrix-Controller-6.x-Path-Traversal-Code-Execution.html

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

13 Sep 2021 00:00Current

9.9High risk

Vulners AI Score9.9

CVSS27.5

CVSS39.8

EPSS0.94191