CVE-2021-40870CISA KEVEPSS p99.8%

CVE-2021-40870Aviatrix Controller Unrestricted Upload of File

Aviatrix / Aviatrix Controller

Description

Unrestricted upload of a file with a dangerous type is possible, which allows an unauthenticated user to execute arbitrary code via directory traversal.

Scoring

EPSS92.38% probability of exploitation · percentile 99.8% · 2026-06-15T12:03:41Z

CISA KEV entry

Added to KEV: 2022-01-18

(incoming)1

TypeTargetConfidenceTier
KEVEntryAviatrix Controller Unrestricted Upload of Filekev-cve-2021-408700%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
Aviatrix Controllers OS Command Injection Vulnerability
CVE
Advantive VeraCore Unrestricted File Upload Vulnerability
CVE
Sierra Wireless AirLink ALEOS Unrestricted Upload of File with Dangerous Type Vulnerability
CVE
CVE-2026-40412
CVE
CVE-2025-41735
CVE
CVE-2026-29859
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.