Cybersecurity Alerts

Actively Exploited Vulnerabilities

← Back to Cybersecurity Alerts

CVE-2021-40870

Aviatrix | Aviatrix ControllerAdded 2022-01-18Remediation Deadline 2022-02-01

Aviatrix Controller Unrestricted Upload of File

Unrestricted upload of a file with a dangerous type is possible, which allows an unauthenticated user to execute arbitrary code via directory traversal.

Required Action

Apply updates per vendor instructions.

Weakness Classification

CWE-25

CWE-96

References