Skip to content
/ CVE-2021-40870 Public

Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a file which allows an unauthenticated user to execute arbitrary code via directory traversal

15 stars 6 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

0xAgun/CVE-2021-40870

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
README.md
README.md
 
 
poc.py
poc.py
 
 

Repository files navigation


CVE-2021-40870 Exploitation

An issue was discovered in Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a file with a dangerous type is possible, which allows an unauthenticated user to execute arbitrary code via directory traversal.

Modules need to Install

To run this project, you will need to add the following modules in your python

requests urllib3

Uses

To run this project you need to do the followings

  python3 poc.py https://site.com/

must include / at the end of the url

🔗 Links

twitter

About

Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a file which allows an unauthenticated user to execute arbitrary code via directory traversal

Topics

remote-code-execution cve-2021-40870

Resources

Readme
Activity

Stars

15 stars

Watchers

1 watching

Forks

6 forks
Report repository

Releases 1

release v0.5.4 Latest
Oct 8, 2021

Packages

No packages published

Languages