CVE-2025-2172 Information
Jun 26, 2025
cve
Description
Aviatrix Controller versions prior to 7.1.4208 7.2.5090 and 8.0.0 fail to sanitize user input prior to passing the input to command line utilities allowing command injection via special characters in filenames
Reference
https://cloud.google.com/blog/topics/threat-intelligence/remote-code-execution-aviatrix-controller https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2025/MNDT-2025-0004.md
Share on: