CVE-2021-40870: Aviatrix Controller Unrestricted Upload of File.
Aviatrix Controller Unrestricted Upload of File. Unrestricted upload of a file with a dangerous type is possible, which allows an unauthenticated user to execute arbitrary code via directory traversal.
- CISA KEV-listed (remediation due 2022-02-01)
- EPSS 94.3% (99.9% percentile)