Security for everyone

CVE-2021-40870 Scanner

Detects 'Unrestricted File Upload' vulnerability in Aviatrix Controller affects v. 6.x before 6.5-1804.1922.

SCAN NOW

Short Info


Level

Critical

Type

Single Scan

Can be used by

Asset Owner

Estimated Time

10 sec

Scan only one

Domain, Ipv4

Parent Category

CVE-2021-40870 Scanner Detail

Aviatrix Controller is a cloud network management platform that simplifies complex networking tasks on public clouds such as AWS, Azure, and Google Cloud. With this platform, network administrators can easily manage and monitor their cloud infrastructure from a single console. The product is designed to provide users with secure and reliable cloud connectivity.

However, a vulnerability was discovered in Aviatrix Controller 6.x versions before 6.5-1804.1922. Identified as CVE-2021-40870, the vulnerability allows unrestricted upload of files with dangerous types. An unauthenticated user can exploit directory traversal to execute arbitrary code, which poses a significant risk to the victim organization.

This vulnerability can lead to severe consequences if exploited. An attacker can use the vulnerability to gain unauthorized access to sensitive data, install malicious software, and cause a denial of service for critical services. Moreover, the attacker can compromise the cloud environment and use it for other malicious activities, such as cryptocurrency mining or launching further attacks on the organization.

Thanks to pro features of SecurityForEveryone.com, readers of this article can easily and quickly learn about vulnerabilities in their digital assets. The platform provides a comprehensive vulnerability scanning tool that can identify and prioritize vulnerabilities based on severity levels. Moreover, SecurityForEveryone.com offers actionable recommendations, including best practices and patches, to help organizations mitigate identified vulnerabilities and improve their overall security posture. By leveraging the expertise and resources of SecurityForEveryone.com, organizations can stay ahead of emerging threats and protect their digital assets from attackers.

 

REFERENCES

cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.
Try it yourself,
control security posture