An issue was discovered in Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a file with a dangerous type is possible, which allows an unauthenticated user to execute arbitrary code via directory traversal.

Related CVEs

CVE-2021-40870

Key Information

GHSA ID

GHSA-w7mg-q4hh-m9cq

Published

May 24, 2022 7:14 PM

Last Modified

February 4, 2025 9:32 PM

CVSS Score

9.0 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: July 27, 2025 6:35 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.