Skip to content

Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a file which allows an unauthenticated user to execute arbitrary code via directory traversal

Notifications You must be signed in to change notification settings

0xAgun/CVE-2021-40870

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
 
 
 
 

Repository files navigation


CVE-2021-40870 Exploitation

An issue was discovered in Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a file with a dangerous type is possible, which allows an unauthenticated user to execute arbitrary code via directory traversal.

Modules need to Install

To run this project, you will need to add the following modules in your python

requests urllib3

Uses

To run this project you need to do the followings

  python3 poc.py https://site.com/

must include / at the end of the url

🔗 Links

twitter

About

Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a file which allows an unauthenticated user to execute arbitrary code via directory traversal

Topics

Resources

Stars

Watchers

Forks

Packages

No packages published

Languages