CVE-2021-40870
CVE-2021-40870 copied to clipboard

→

Metadata

Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a file which allows an unauthenticated user to execute arbitrary code via directory traversal

Readme
Issues

CVE-2021-40870 Exploitation

An issue was discovered in Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a file with a dangerous type is possible, which allows an unauthenticated user to execute arbitrary code via directory traversal.

Modules need to Install

To run this project, you will need to add the following modules in your python

requests urllib3

Uses

To run this project you need to do the followings

  python3 poc.py https://site.com/

must include / at the end of the url

🔗 Links

About

Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a file which allows an unauthenticated user to execute arbitrary code via directory traversal

remote-code-execution

cve-2021-40870

16

Stars

6

Forks

Watchers

Owner

0xAgun

← Metadata

16

Stars

6

Forks

Watchers

Owner

0xAgun

Metadata

Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a file which allows an unauthenticated user to execute arbitrary code via directory traversal

Back

CVE-2021-40870 CVE-2021-40870 copied to clipboard

Metadata

CVE-2021-40870 Exploitation

An issue was discovered in Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a file with a dangerous type is possible, which allows an unauthenticated user to execute arbitrary code via directory traversal.

Modules need to Install

Uses

🔗 Links

← Metadata

Owner

Metadata

CVE-2021-40870
CVE-2021-40870 copied to clipboard