Lucene search
K

11 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 6:44 a.m.10 views

CVE-2024-50603

An issue was discovered in Aviatrix Controller before 7.1.4191 and 7.2.x before 7.2.4996. Due to the improper neutralization of special elements used in an OS command, an unauthenticated attacker is able to execute arbitrary code. Shell metacharacters can be sent to /v1/api in cloudtype for...

10CVSS9.9AI score0.98545EPSS
Exploits5References1
Saint
Saint
added 2025/02/04 12:0 a.m.202 views

Aviatrix Controller list_flightpath_destination_instances command injection

Added: 02/04/2025 Background Aviatrix Controller is a cloud networking platform that manages connectivity of cloud and hybrid networks. Problem A command injection vulnerability in the listflightpathdestinationinstances API action allows remote attackers to execute arbitrary commands. Resolution...

10CVSS8.4AI score0.98545EPSS
Exploits5
Saint
Saint
added 2025/02/04 12:0 a.m.185 views

Aviatrix Controller list_flightpath_destination_instances command injection

Added: 02/04/2025 Background Aviatrix Controller is a cloud networking platform that manages connectivity of cloud and hybrid networks. Problem A command injection vulnerability in the listflightpathdestinationinstances API action allows remote attackers to execute arbitrary commands. Resolution...

10CVSS8.4AI score0.98545EPSS
Exploits5
CISA
CISA
added 2025/01/16 12:0 p.m.16 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-50603link is external Aviatrix Controllers OS Command Injection Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber acto...

10CVSS10AI score0.98545EPSS
In wildExploits5References6
HackRead
HackRead
added 2025/01/15 9:29 a.m.33 views

Hackers Use CVE-2024-50603 to Deploy Backdoor on Aviatrix Controllers

A critical vulnerability CVE-2024-50603 in the Aviatrix Controller allows unauthenticated RCE. Active exploitation observed by Wiz Research in…...

10CVSS7.2AI score0.98545EPSS
Exploits5
The Hacker News
The Hacker News
added 2025/01/13 1:33 p.m.15 views

Hackers Exploit Aviatrix Controller Vulnerability to Deploy Backdoors and Crypto Miners

A recently disclosed critical security flaw impacting the Aviatrix Controller cloud networking platform has come under active exploitation in the wild to deploy backdoors and cryptocurrency miners. Cloud security firm Wiz said it's currently responding to "multiple incidents" involving the...

10CVSS10AI score0.98545EPSS
Exploits5
GithubExploit
GithubExploit
added 2025/01/08 12:0 p.m.137 views

Exploit for OS Command Injection in Aviatrix Controller

CVE-20...

10CVSS7.1AI score0.98545EPSS
Exploits5
Circl
Circl
added 2025/01/08 1:9 a.m.11 views

CVE-2024-50603

creationtimestamp| type| source ---|---|--- 2025-01-08 01:09:12+00:00| seen| https://infosec.exchange/users/cve/statuses/113790061901237352 2025-01-08 01:15:28+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lf6yghkmun2f 2025-01-08 01:37:28+00:00| seen|...

10CVSS7.1AI score0.98545EPSS
In wildExploits5References65
Vulnrichment
Vulnrichment
added 2025/01/08 12:0 a.m.21 views

CVE-2024-50603

An issue was discovered in Aviatrix Controller before 7.1.4191 and 7.2.x before 7.2.4996. Due to the improper neutralization of special elements used in an OS command, an unauthenticated attacker is able to execute arbitrary code. Shell metacharacters can be sent to /v1/api in cloudtype for...

10CVSS7.8AI score0.98545EPSS
Exploits5References3
Cvelist
Cvelist
added 2025/01/08 12:0 a.m.36 views

CVE-2024-50603

An issue was discovered in Aviatrix Controller before 7.1.4191 and 7.2.x before 7.2.4996. Due to the improper neutralization of special elements used in an OS command, an unauthenticated attacker is able to execute arbitrary code. Shell metacharacters can be sent to /v1/api in cloudtype for...

10CVSS0.98545EPSS
Exploits5References3
CVE
CVE
added 2025/01/08 12:0 a.m.272 views

CVE-2024-50603

CVE-2024-50603 in Aviatrix Controller (versions < 7.1.4191 for 7.1.x and

10CVSS9.8AI score0.98545EPSS
In wildExploits5References4Affected Software1
Rows per page
Query Builder