THREATOPS
THREAT OPSCVEs › CVE-2021-40870

CVE-2021-40870 — Aviatrix Controller Unrestricted Upload of File

CISA KEVExploited: confirmedAviatrix

Unrestricted upload of a file with a dangerous type is possible, which allows an unauthenticated user to execute arbitrary code via directory traversal.

Vulnerability details