133 matches found
CVE-2021-40870
An issue was discovered in Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a file with a dangerous type is possible, which allows an unauthenticated user to execute arbitrary code via directory traversal...
CVE-2021-40870
An issue was discovered in Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a file with a dangerous type is possible, which allows an unauthenticated user to execute arbitrary code via directory traversal...
Directory traversal
An issue was discovered in Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a file with a dangerous type is possible, which allows an unauthenticated user to execute arbitrary code via directory traversal...
CVE-2021-40870
An issue was discovered in Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a file with a dangerous type is possible, which allows an unauthenticated user to execute arbitrary code via directory traversal...
CVE-2021-40870
Summary (CVE-2021-40870) : Aviatrix Controller 6.x before 6.5-1804.1922 is affected by an unrestricted file upload via a directory traversal flaw that enables an unauthenticated attacker to execute arbitrary code. The base vulnerability is described in the primary CVE record, which lists the affe...
CVE-2021-40870
An issue was discovered in Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a file with a dangerous type is possible, which allows an unauthenticated user to execute arbitrary code via directory traversal...
CVE-2021-40870
An issue was discovered in Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a file with a dangerous type is possible, which allows an unauthenticated user to execute arbitrary code via directory traversal. Recent assessments: JoyGhoshs at October 09, 2021 6:33am UTC reported:...
Aviatrix Controller 代码问题漏洞
Aviatrix Controller is an application from Aviatrix, Inc. It extends and controls the native structure using the cloud provider's APIs to extend its functionality and integrate it into the software. A security vulnerability exists in Aviatrix Controller that stems from a lack of effective...
PT-2021-7652
Name of the Vulnerable Software and Affected Versions Aviatrix Controller versions 6.x through 6.5-1804.1921 Description The issue is related to an unrestricted upload of a file with a dangerous type, allowing an unauthenticated user to execute arbitrary code via directory traversal. This can be...
Unspecified vulnerability in Aviatrix Controller (CNVD-2021-32028)
Aviatrix Controller is an application from Aviatrix, Inc. Extend and control the native fabric with the cloud provider's APIs to extend its functionality and integrate it into the software. A security vulnerability exists in Aviatrix Controller version 5.3.1516, which stems from the presence of...
CVE-2020-27568
Insecure File Permissions exist in Aviatrix Controller 5.3.1516. Several world writable files and directories were found in the controller resource. Note: All Aviatrix appliances are fully encrypted. This is an extra layer of security...
CVE-2020-27568
Insecure File Permissions exist in Aviatrix Controller 5.3.1516. Several world writable files and directories were found in the controller resource. Note: All Aviatrix appliances are fully encrypted. This is an extra layer of security...
CVE-2020-27568
The CVE-2020-27568 entry concerns Aviatrix Controller 5.3.1516 with insecure file permissions. The issue is caused by the presence of world-writable files and directories in the controller resource, as noted in multiple sources. The information provided does not include specific vulnerable compon...
Aviatrix Controller 安全漏洞
Aviatrix Controller is an application from Aviatrix, Inc. Extend and control the native fabric with the cloud provider's APIs to extend its functionality and integrate it into the software. A security vulnerability exists in Aviatrix Controller version 5.3.1516, which stems from the presence of...
Unspecified Vulnerability in Aviatrix Controller
Aviatrix Controller is a centralized control panel for orchestrating and managing various network and connectivity solutions. A security vulnerability exists in Aviatrix Controller versions prior to R5.3.1151. The vulnerability stems from a weak key in an encrypted file containing credentials. No...
Aviatrix Controller htaccess Security Control Bypass Vulnerability
Aviatrix Controller is a centralized control panel for orchestrating and managing various network and connectivity solutions. An htaccess security control bypass vulnerability exists in Aviatrix Controller versions prior to R5.4.1290. An attacker can exploit this vulnerability to download files...
Unspecified vulnerability in Aviatrix Controller (CNVD-2021-17716)
Aviatrix Controller is a centralized control panel for orchestrating and managing various network and connectivity solutions. A sudo rule insecurity vulnerability exists in Aviatrix Controller versions prior to R5.4.1290. An attacker could execute all commands as any user on the system through th...
Aviatrix Controller Arbitrary File Upload Vulnerability
Aviatrix Controller is a centralized control panel for orchestrating and managing various network and connectivity solutions. An arbitrary file upload vulnerability exists in Aviatrix Controller versions prior to R6.0.2483. The vulnerability stems from several APIs that contain functionality that...
Aviatrix Controller Improper Access Control Vulnerability
Aviatrix Controller is a centralized control panel for orchestrating and managing various network and connectivity solutions. An improper access control vulnerability exists in Aviatrix Controller versions prior to R6.0.2483. The vulnerability stems from the fact that multiple executables...
Aviatrix Controller Encryption Key Plaintext Storage Vulnerability
Aviatrix Controller is a centralized control panel for orchestrating and managing various network and connectivity solutions. An encryption key plaintext storage vulnerability exists in Aviatrix Controller versions prior to R5.3.1151. An attacker can exploit this vulnerability to obtain plaintext...