CVE-2021-40870

Unrestricted upload of a file with a dangerous type is possible, which allows an unauthenticated user to execute arbitrary code via directory traversal. Vendor/Product: Aviatrix Aviatrix Controller. Added to CISA KEV 2022-01-18; required action: Apply updates per vendor instructions.