CVE-2021-40870

CVE Published	2021-09-13
Related CWE(s)	CWE-23: Relative Path Traversal
Related Vendor(s)	aviatrix
Related Product(s)	controller
Exploitation Reported (CISA KEV)	2022-01-18
CVSS 3 Base Score	9.8 (CRITICAL)
CVSS 3 Attack Complexity	LOW
CVSS 3 Attack Vector	NETWORK

An issue was discovered in Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a file with a dangerous type is possible, which allows an unauthenticated user to execute arbitrary code via directory traversal.

Cyber Threat Graph Context

Explore how this CVE relates to the wider threat graph

Associated CAPEC Patterns

Manipulating Web Input to File System Calls (CAPEC-76)

An attacker manipulates inputs to the target software which the target software passes to file system calls in the OS. The goal is to gain access to, and perhaps modify, areas of the file system that the target software did not intend to be accessible.

Relative Path Traversal (CAPEC-139)

An attacker exploits a weakness in input validation on the target by supplying a specially constructed path utilizing dot and slash characters for the purpose of obtaining access to arbitrary files or resources. An attacker modifies a known path on the target in order to reach material that is not available through intended channels. These attacks normally involve adding additional path separators (/ or \) and/or dots (.), or encodings thereof, in various combinations in order to reach parent directories or entirely separate trees of the target's directory structure.

References

CVE-2021-40870

Cyber Threat Graph Context

Associated CAPEC Patterns

Manipulating Web Input to File System Calls (CAPEC-76)

Relative Path Traversal (CAPEC-139)

References

CVE.org

NIST National Vulnerability Database

CISA Known Exploited Vulnerabilities