CVE-2021-40870 Exploitation

An issue was discovered in Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a file with a dangerous type is possible, which allows an unauthenticated user to execute arbitrary code via directory traversal.

Modules need to Install

To run this project, you will need to add the following modules in your python

requests
urllib3

Uses

To run this project you need to do the followings

  python3 poc.py https://site.com/

must include / at the end of the url

🔗 Links

twitter

GitHub

View Github