CVE-2024-50603
CVE-2024-50603
In short
An unauthenticated attacker can execute arbitrary code on Aviatrix Controller by sending shell commands through unprotected API parameters. This happens because the system doesn't properly filter special characters before running system commands.
Technical detail
CWE-78 OS Command Injection vulnerability in Aviatrix Controller versions before 7.1.4191 and 7.2.x before 7.2.4996. Unauthenticated attackers can inject shell metacharacters via the /v1/api endpoint parameters (cloud_type in list_flightpath_destination_instances or src_cloud_type in flightpath_connection_test) to achieve remote code execution with controller privileges.
Summary generated and translated by AI from the official description.
An issue was discovered in Aviatrix Controller before 7.1.4191 and 7.2.x before 7.2.4996. Due to the improper neutralization of special elements used in an OS command, an unauthenticated attacker is able to execute arbitrary code. Shell metacharacters can be sent to /v1/api in cloud_type for list_flightpath_destination_instances, or src_cloud_type for flightpath_connection_test.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Affected products
Aviatrix · Controllerpublic PoCs found — 1
githubgithub.com/th3gokul/CVE-2024-50603★ 17⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://docs.aviatrix.com/documentation/latest/network-security/index.htmlhttps://docs.aviatrix.com/documentation/latest/release-notices/psirt-advisories/psirt-advisories.html?expand=true#remote-code-execution-vulnerability-in-aviatrix-controllershttps://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-50603https://www.securing.pl/en/cve-2024-50603-aviatrix-network-controller-command-injection-vulnerability/