exploitDog

GHSA-wr65-2r27-crgw

Опубликовано: 23 июн. 2025

Источник: github

Github: Не прошло ревью

CVSS4: 7.5

Описание

Aviatrix Controller versions prior to 7.1.4208, 7.2.5090, and 8.0.0 fail to sanitize user input prior to passing the input to command line utilities, allowing command injection via special characters in filenames

Aviatrix Controller versions prior to 7.1.4208, 7.2.5090, and 8.0.0 fail to sanitize user input prior to passing the input to command line utilities, allowing command injection via special characters in filenames

Ссылки

EPSS

Процентиль: 39%

0.00174

Низкий

7.5 High

CVSS4

CVE ID

Дефекты

CWE-78

Связанные уязвимости

CVE-2025-2172

nvd

8 месяцев назад

Aviatrix Controller versions prior to 7.1.4208, 7.2.5090, and 8.0.0 fail to sanitize user input prior to passing the input to command line utilities, allowing command injection via special characters in filenames

EPSS

Процентиль: 39%

0.00174

Низкий

7.5 High

CVSS4

CVE ID

Дефекты

CWE-78