A Mandiant Red Team engagement has uncovered two critical vulnerabilities in Aviatrix Controller”, cloud networking software used to manage multi-cloud environments. The flaws enable full system compromise through an authentication bypass (CVE-2025-2171) followed by authenticated command injection (CVE-2025-2172). Authentication Bypass (CVE-2025-2171) The attack chain begins with a weak password reset mechanism. Attackers can brute-force 6-digit reset […] The post Aviatrix Cloud Controller Flaw Enables Remote Code Execution via Authentication Bypass appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/aviatrix-cloud-controller-flaw/
