virus logo Intrusion Prevention

Aviatrix.Controller.File.Upload.Directory.Traversal

description-logoDescription

This indicates an attack attempt to exploit a Directory Traversal Vulnerability in Aviatrix Controller.
The vulnerability is due to insufficient sanitizing of user-supplied inputs in the application. A remote, unauthenticated attacker can exploit this vulnerability to write an arbitrary file and lead to execution of arbitrary code in the security context of the application.

affected-products-logoAffected Products

Aviatrix Controller 6.2 prior to 6.2.2043
Aviatrix Controller 6.3 prior to 6.3.2490
Aviatrix Controller 6.4 prior to 6.4.2838
Aviatrix Controller 6.5 prior to 6.5.1922

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://read.docs.aviatrix.com/HowTos/Controller_and_Software_Release_Notes.html#security-note-9-11-2021

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2024-04-02 27.759 Default_action:pass:drop
2024-03-25 27.754
ID 54817
Created Mar 06, 2024
Updated Mar 25, 2024
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon
CVE ID CVE-2021-40870
Known Exploited Yes
Exploit Prediction Score 92.09%
Default Action drop
Active
Affected OS All
Affected App PHP_app