Lucene search
+L

133 matches found

OSV
OSV
added 2021/09/13 8:15 a.m.1 views

CVE-2021-40870

An issue was discovered in Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a file with a dangerous type is possible, which allows an unauthenticated user to execute arbitrary code via directory traversal...

9.8CVSS7.6AI score0.93019EPSS
Exploits5References4
NVD
NVD
added 2021/09/13 8:15 a.m.19 views

CVE-2021-40870

An issue was discovered in Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a file with a dangerous type is possible, which allows an unauthenticated user to execute arbitrary code via directory traversal...

9.8CVSS0.93019EPSS
Exploits5References4
Prion
Prion
added 2021/09/13 8:15 a.m.21 views

Directory traversal

An issue was discovered in Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a file with a dangerous type is possible, which allows an unauthenticated user to execute arbitrary code via directory traversal...

7.5CVSS9.7AI score0.93019EPSS
Exploits5References3Affected Software1
Cvelist
Cvelist
added 2021/09/13 7:41 a.m.30 views

CVE-2021-40870

An issue was discovered in Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a file with a dangerous type is possible, which allows an unauthenticated user to execute arbitrary code via directory traversal...

10AI score0.93019EPSS
Exploits5References3
CVE
CVE
added 2021/09/13 7:41 a.m.1082 views

CVE-2021-40870

Summary (CVE-2021-40870) : Aviatrix Controller 6.x before 6.5-1804.1922 is affected by an unrestricted file upload via a directory traversal flaw that enables an unauthenticated attacker to execute arbitrary code. The base vulnerability is described in the primary CVE record, which lists the affe...

9.8CVSS9.6AI score0.93019EPSS
In wildExploits5References4Affected Software1
Vulnrichment
Vulnrichment
added 2021/09/13 7:41 a.m.8 views

CVE-2021-40870

An issue was discovered in Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a file with a dangerous type is possible, which allows an unauthenticated user to execute arbitrary code via directory traversal...

7.8AI score0.93019EPSS
Exploits5References3
ATTACKERKB
ATTACKERKB
added 2021/09/13 12:0 a.m.63 views

CVE-2021-40870

An issue was discovered in Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a file with a dangerous type is possible, which allows an unauthenticated user to execute arbitrary code via directory traversal. Recent assessments: JoyGhoshs at October 09, 2021 6:33am UTC reported:...

9.8CVSS9.9AI score0.93019EPSS
In wildExploits5References4
CNNVD
CNNVD
added 2021/09/13 12:0 a.m.6 views

Aviatrix Controller 代码问题漏洞

Aviatrix Controller is an application from Aviatrix, Inc. It extends and controls the native structure using the cloud provider's APIs to extend its functionality and integrate it into the software. A security vulnerability exists in Aviatrix Controller that stems from a lack of effective...

9.8CVSS9AI score0.93019EPSS
Exploits5References5
Positive Technologies
Positive Technologies
added 2021/09/13 12:0 a.m.5 views

PT-2021-7652

Name of the Vulnerable Software and Affected Versions Aviatrix Controller versions 6.x through 6.5-1804.1921 Description The issue is related to an unrestricted upload of a file with a dangerous type, allowing an unauthenticated user to execute arbitrary code via directory traversal. This can be...

10CVSS10AI score0.93019EPSS
Exploits5References20
CNVD
CNVD
added 2021/04/22 12:0 a.m.22 views

Unspecified vulnerability in Aviatrix Controller (CNVD-2021-32028)

Aviatrix Controller is an application from Aviatrix, Inc. Extend and control the native fabric with the cloud provider's APIs to extend its functionality and integrate it into the software. A security vulnerability exists in Aviatrix Controller version 5.3.1516, which stems from the presence of...

7.5CVSS6.8AI score0.01561EPSS
Exploits0References1
OSV
OSV
added 2021/04/21 10:15 p.m.6 views

CVE-2020-27568

Insecure File Permissions exist in Aviatrix Controller 5.3.1516. Several world writable files and directories were found in the controller resource. Note: All Aviatrix appliances are fully encrypted. This is an extra layer of security...

7.5CVSS5.7AI score0.01561EPSS
Exploits0References1
NVD
NVD
added 2021/04/21 10:15 p.m.21 views

CVE-2020-27568

Insecure File Permissions exist in Aviatrix Controller 5.3.1516. Several world writable files and directories were found in the controller resource. Note: All Aviatrix appliances are fully encrypted. This is an extra layer of security...

7.5CVSS0.01561EPSS
Exploits0References1
CVE
CVE
added 2021/04/21 9:16 p.m.37 views

CVE-2020-27568

The CVE-2020-27568 entry concerns Aviatrix Controller 5.3.1516 with insecure file permissions. The issue is caused by the presence of world-writable files and directories in the controller resource, as noted in multiple sources. The information provided does not include specific vulnerable compon...

7.5CVSS7.6AI score0.01561EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2021/04/21 12:0 a.m.7 views

Aviatrix Controller 安全漏洞

Aviatrix Controller is an application from Aviatrix, Inc. Extend and control the native fabric with the cloud provider's APIs to extend its functionality and integrate it into the software. A security vulnerability exists in Aviatrix Controller version 5.3.1516, which stems from the presence of...

7.5CVSS5.6AI score0.01561EPSS
Exploits0References2
CNVD
CNVD
added 2020/11/18 12:0 a.m.5 views

Unspecified Vulnerability in Aviatrix Controller

Aviatrix Controller is a centralized control panel for orchestrating and managing various network and connectivity solutions. A security vulnerability exists in Aviatrix Controller versions prior to R5.3.1151. The vulnerability stems from a weak key in an encrypted file containing credentials. No...

7.5CVSS6.8AI score0.01461EPSS
Exploits1References1
CNVD
CNVD
added 2020/11/18 12:0 a.m.5 views

Aviatrix Controller htaccess Security Control Bypass Vulnerability

Aviatrix Controller is a centralized control panel for orchestrating and managing various network and connectivity solutions. An htaccess security control bypass vulnerability exists in Aviatrix Controller versions prior to R5.4.1290. An attacker can exploit this vulnerability to download files...

7.5CVSS6.8AI score0.01488EPSS
Exploits1References1
CNVD
CNVD
added 2020/11/18 12:0 a.m.8 views

Unspecified vulnerability in Aviatrix Controller (CNVD-2021-17716)

Aviatrix Controller is a centralized control panel for orchestrating and managing various network and connectivity solutions. A sudo rule insecurity vulnerability exists in Aviatrix Controller versions prior to R5.4.1290. An attacker could execute all commands as any user on the system through th...

9CVSS7.1AI score0.01441EPSS
Exploits1References1
CNVD
CNVD
added 2020/11/18 12:0 a.m.8 views

Aviatrix Controller Arbitrary File Upload Vulnerability

Aviatrix Controller is a centralized control panel for orchestrating and managing various network and connectivity solutions. An arbitrary file upload vulnerability exists in Aviatrix Controller versions prior to R6.0.2483. The vulnerability stems from several APIs that contain functionality that...

9.8CVSS7.7AI score0.01742EPSS
Exploits1References1
CNVD
CNVD
added 2020/11/18 12:0 a.m.6 views

Aviatrix Controller Improper Access Control Vulnerability

Aviatrix Controller is a centralized control panel for orchestrating and managing various network and connectivity solutions. An improper access control vulnerability exists in Aviatrix Controller versions prior to R6.0.2483. The vulnerability stems from the fact that multiple executables...

7.5CVSS6.7AI score0.01163EPSS
Exploits1References1
CNVD
CNVD
added 2020/11/18 12:0 a.m.9 views

Aviatrix Controller Encryption Key Plaintext Storage Vulnerability

Aviatrix Controller is a centralized control panel for orchestrating and managing various network and connectivity solutions. An encryption key plaintext storage vulnerability exists in Aviatrix Controller versions prior to R5.3.1151. An attacker can exploit this vulnerability to obtain plaintext...

7.5CVSS6.4AI score0.00909EPSS
Exploits1References1
Rows per page
Query Builder