← back
CVE-2021-40870

CVE-2021-40870

CVSS 9.8 CRITICALEPSS 93.0%● KEV
Vexday Risk Score
100Fix now
SSVC decision (CISA)
Act
Exploitation + impact → act immediately
Exploit maturity
Functional exploit
Popular PoC on GitHub (16 stars) — exploitation code widely available.
CVSS 9.8EPSS 93.0%KEV simPoC públicaNuclei simMetasploit Patch
Lifecycle
13 Sep 2021Published on NVD
07 Oct 2021Public PoC
18 Jan 2022Active exploitation (CISA KEV)
Weaponization speed
24 daysto first PoC
127 daysto active exploitation (KEV)
Recommendation: Patch as soon as possible — active exploitation confirmed.
In short

The Aviatrix Controller allows anyone, without logging in, to upload dangerous files that can execute arbitrary code on the server. This happens because the system doesn't properly validate file types or prevent directory traversal attacks.

Technical detail

Aviatrix Controller 6.x before 6.5-1804.1922 suffers from an unauthenticated arbitrary file upload vulnerability combined with directory traversal. An attacker can bypass file type restrictions and write malicious files to arbitrary locations on the filesystem, achieving remote code execution without requiring authentication.

Summary generated and translated by AI from the official description.
An issue was discovered in Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a file with a dangerous type is possible, which allows an unauthenticated user to execute arbitrary code via directory traversal.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/a
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.