National Cyber Warfare Foundation (NCWF)

Aviatrix Cloud Controller Flaw Enables Remote Code Execution via Authentication Bypass
0 user ratings		2025-06-24 06:32:44
milo
Red Team (CNA)

A Mandiant Red Team engagement has uncovered two critical vulnerabilities in Aviatrix Controller—cloud networking software used to manage multi-cloud environments. The flaws enable full system compromise through an authentication bypass (CVE-2025-2171) followed by authenticated command injection (CVE-2025-2172). Authentication Bypass (CVE-2025-2171) The attack chain begins with a weak password reset mechanism. Attackers can brute-force 6-digit reset […]


The post Aviatrix Cloud Controller Flaw Enables Remote Code Execution via Authentication Bypass appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.



Divya

Source: gbHackers
Source Link: https://gbhackers.com/aviatrix-cloud-controller-flaw/

Comments
new comment
Nobody has commented yet. Will you be the first?
  
Forum
Red Team (CNA)


Copyright 2012 through 2025 - National Cyber Warfare Foundation - All rights reserved worldwide.