Lucene search
K

133 matches found

OSV
OSV
added 2020/11/17 9:15 p.m.5 views

CVE-2020-26553

An issue was discovered in Aviatrix Controller before R6.0.2483. Several APIs contain functions that allow arbitrary files to be uploaded to the web tree...

9.8CVSS7.4AI score0.01742EPSS
Exploits1References1
NVD
NVD
added 2020/11/17 9:15 p.m.14 views

CVE-2020-26549

An issue was discovered in Aviatrix Controller before R5.4.1290. The htaccess protection mechanism to prevent requests to directories can be bypassed for file downloading...

7.5CVSS7.5AI score0.01488EPSS
Exploits1References1
OSV
OSV
added 2020/11/17 9:15 p.m.3 views

CVE-2020-26550

An issue was discovered in Aviatrix Controller before R5.3.1151. An encrypted file containing credentials to unrelated systems is protected by a three-character key...

7.5CVSS7.1AI score0.01461EPSS
Exploits1References1
NVD
NVD
added 2020/11/17 9:15 p.m.13 views

CVE-2020-26550

An issue was discovered in Aviatrix Controller before R5.3.1151. An encrypted file containing credentials to unrelated systems is protected by a three-character key...

7.5CVSS7.5AI score0.01461EPSS
Exploits1References1
OSV
OSV
added 2020/11/17 9:15 p.m.6 views

CVE-2020-26552

An issue was discovered in Aviatrix Controller before R6.0.2483. Multiple executable files, that implement API endpoints, do not require a valid session ID for access...

7.5CVSS7.1AI score0.01163EPSS
Exploits1References1
NVD
NVD
added 2020/11/17 9:15 p.m.22 views

CVE-2020-26552

An issue was discovered in Aviatrix Controller before R6.0.2483. Multiple executable files, that implement API endpoints, do not require a valid session ID for access...

7.5CVSS7.6AI score0.01163EPSS
Exploits1References1
OSV
OSV
added 2020/11/17 9:15 p.m.4 views

CVE-2020-26551

An issue was discovered in Aviatrix Controller before R5.3.1151. Encrypted key values are stored in a readable file...

7.5CVSS5.8AI score0.00909EPSS
Exploits1References1
NVD
NVD
added 2020/11/17 9:15 p.m.22 views

CVE-2020-26551

An issue was discovered in Aviatrix Controller before R5.3.1151. Encrypted key values are stored in a readable file...

7.5CVSS7.5AI score0.00909EPSS
Exploits1References1
NVD
NVD
added 2020/11/17 9:15 p.m.20 views

CVE-2020-26553

An issue was discovered in Aviatrix Controller before R6.0.2483. Several APIs contain functions that allow arbitrary files to be uploaded to the web tree...

9.8CVSS9.5AI score0.01742EPSS
Exploits1References1
NVD
NVD
added 2020/11/17 9:15 p.m.18 views

CVE-2020-26548

An issue was discovered in Aviatrix Controller before R5.4.1290. There is an insecure sudo rule: a user exists that can execute all commands as any user on the system...

9CVSS8.9AI score0.01441EPSS
Exploits1References1
OSV
OSV
added 2020/11/17 9:15 p.m.5 views

CVE-2020-26548

An issue was discovered in Aviatrix Controller before R5.4.1290. There is an insecure sudo rule: a user exists that can execute all commands as any user on the system...

8.8CVSS7.4AI score0.01441EPSS
Exploits1References1
OSV
OSV
added 2020/11/17 9:15 p.m.5 views

CVE-2020-26549

An issue was discovered in Aviatrix Controller before R5.4.1290. The htaccess protection mechanism to prevent requests to directories can be bypassed for file downloading...

7.5CVSS7.1AI score0.01488EPSS
Exploits1References1
Prion
Prion
added 2020/11/17 9:15 p.m.19 views

Design/Logic Flaw

An issue was discovered in Aviatrix Controller before R5.4.1290. There is an insecure sudo rule: a user exists that can execute all commands as any user on the system...

9CVSS8.8AI score0.01441EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2020/11/17 9:15 p.m.19 views

Design/Logic Flaw

An issue was discovered in Aviatrix Controller before R6.0.2483. Several APIs contain functions that allow arbitrary files to be uploaded to the web tree...

7.5CVSS9.3AI score0.01742EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2020/11/17 9:15 p.m.15 views

Remote file inclusion

An issue was discovered in Aviatrix Controller before R5.3.1151. Encrypted key values are stored in a readable file...

5CVSS7.4AI score0.00909EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2020/11/17 9:15 p.m.13 views

Design/Logic Flaw

An issue was discovered in Aviatrix Controller before R6.0.2483. Multiple executable files, that implement API endpoints, do not require a valid session ID for access...

5CVSS7.5AI score0.01163EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2020/11/17 9:15 p.m.14 views

Design/Logic Flaw

An issue was discovered in Aviatrix Controller before R5.4.1290. The htaccess protection mechanism to prevent requests to directories can be bypassed for file downloading...

5CVSS7.5AI score0.01488EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2020/11/17 9:15 p.m.13 views

Design/Logic Flaw

An issue was discovered in Aviatrix Controller before R5.3.1151. An encrypted file containing credentials to unrelated systems is protected by a three-character key...

5CVSS7.5AI score0.01461EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/11/17 8:59 p.m.20 views

CVE-2020-26553

An issue was discovered in Aviatrix Controller before R6.0.2483. Several APIs contain functions that allow arbitrary files to be uploaded to the web tree...

9.5AI score0.01742EPSS
Exploits1References1
CVE
CVE
added 2020/11/17 8:59 p.m.56 views

CVE-2020-26553

CVE-2020-26553 affects Aviatrix Controller prior to R6.0.2483. Multiple APIs allow arbitrary files to be uploaded to the web tree, enabling remote code execution as described in connected CNVD/NVD records. Affected product: Aviatrix Controller; vulnerability root cause: file upload in API functio...

9.8CVSS9.3AI score0.01742EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder