Get unlimited access
Open in app
Home
Notifications
Lists
Stories

Write

Cve 2021 40870

0

Stories

1

Writers

Joy Ghosh

Joy Ghosh

·Oct 9, 2021

Unrestricted upload of file with dangerous type in Aviatrix allows an authenticated user to execute arbitrary code [CVE-2021–40870]

Similar APIs designed to upload files from authenticated users did not properly sanitize their destination input, allowing directory traversal attacks which could eventually allow an authenticated attacker to execute code on the controller. So Directory traversal Actually allowing an unauthenticated attacker to execute code or store code on controller. So…

Cve 2021 40870

3 min read

Unrestricted upload of file with dangerous type in Aviatrix allows an authenticated user to execute…
Unrestricted upload of file with dangerous type in Aviatrix allows an authenticated user to execute…

Related Topics

Exploiting

Related Topics

Exploiting

Visit the archive

Help

Status

Writers

Blog

Careers

Privacy

Terms

About

Knowable