{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-2172", "assignerOrgId": "027e81ed-0dd4-4685-ab4d-884aec5bb484", "state": "PUBLISHED", "assignerShortName": "Mandiant", "dateReserved": "2025-03-10T16:18:09.651Z", "datePublished": "2025-06-23T14:01:19.310Z", "dateUpdated": "2026-02-26T17:50:27.223Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "affected", "product": "Controller", "vendor": "Aviatrix", "versions": [{"status": "unaffected", "version": "7.1.4208"}, {"status": "unaffected", "version": "7.2.5090"}, {"status": "unaffected", "version": "8.0.0"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Aviatrix Controller versions prior to 7.1.4208, 7.2.5090, and 8.0.0 fail to sanitize user input prior to passing the input to command line utilities, allowing command injection via special characters in filenames"}], "value": "Aviatrix Controller versions prior to 7.1.4208, 7.2.5090, and 8.0.0 fail to sanitize user input prior to passing the input to command line utilities, allowing command injection via special characters in filenames"}], "impacts": [{"capecId": "CAPEC-88", "descriptions": [{"lang": "en", "value": "CAPEC-88 OS Command Injection"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "NONE", "attackVector": "NETWORK", "exploitMaturity": "PROOF_OF_CONCEPT", "baseScore": 6.6, "baseSeverity": "MEDIUM", "privilegesRequired": "HIGH", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-78", "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "027e81ed-0dd4-4685-ab4d-884aec5bb484", "shortName": "Mandiant", "dateUpdated": "2025-06-23T18:04:09.203Z"}, "references": [{"tags": ["third-party-advisory"], "url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2025/MNDT-2025-0004.md"}, {"tags": ["technical-description"], "url": "https://cloud.google.com/blog/topics/threat-intelligence/remote-code-execution-aviatrix-controller"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-2172", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-06-24T03:55:36.333136Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-26T17:50:27.223Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-2172", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-06-24T03:55:36.333136Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-23T15:37:23.592Z"}}], "cna": {"source": {"discovery": "UNKNOWN"}, "impacts": [{"capecId": "CAPEC-88", "descriptions": [{"lang": "en", "value": "CAPEC-88 OS Command Injection"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 6.6, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P", "exploitMaturity": "PROOF_OF_CONCEPT", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "HIGH", "attackRequirements": "NONE", "privilegesRequired": "HIGH", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Aviatrix", "product": "Controller", "versions": [{"status": "unaffected", "version": "7.1.4208"}, {"status": "unaffected", "version": "7.2.5090"}, {"status": "unaffected", "version": "8.0.0"}], "defaultStatus": "affected"}], "references": [{"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2025/MNDT-2025-0004.md", "tags": ["third-party-advisory"]}, {"url": "https://cloud.google.com/blog/topics/threat-intelligence/remote-code-execution-aviatrix-controller", "tags": ["technical-description"]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Aviatrix Controller versions prior to 7.1.4208, 7.2.5090, and 8.0.0 fail to sanitize user input prior to passing the input to command line utilities, allowing command injection via special characters in filenames", "supportingMedia": [{"type": "text/html", "value": "Aviatrix Controller versions prior to 7.1.4208, 7.2.5090, and 8.0.0 fail to sanitize user input prior to passing the input to command line utilities, allowing command injection via special characters in filenames", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-78", "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')"}]}], "providerMetadata": {"orgId": "027e81ed-0dd4-4685-ab4d-884aec5bb484", "shortName": "Mandiant", "dateUpdated": "2025-06-23T18:04:09.203Z"}}}, "cveMetadata": {"cveId": "CVE-2025-2172", "state": "PUBLISHED", "dateUpdated": "2026-02-26T17:50:27.223Z", "dateReserved": "2025-03-10T16:18:09.651Z", "assignerOrgId": "027e81ed-0dd4-4685-ab4d-884aec5bb484", "datePublished": "2025-06-23T14:01:19.310Z", "assignerShortName": "Mandiant"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Aviatrix Controller versions prior to 7.1.4208, 7.2.5090, and 8.0.0 fail to sanitize user input prior to passing the input to command line utilities, allowing command injection via special characters in filenames"}, {"lang": "es", "value": "Las versiones de Aviatrix Controller anteriores a 7.1.4208, 7.2.5090 y 8.0.0 no depuran la entrada del usuario antes de pasarla a las utilidades de l\u00ednea de comandos, lo que permite la inyecci\u00f3n de comandos a trav\u00e9s de caracteres especiales en los nombres de archivos."}], "id": "CVE-2025-2172", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "HIGH", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "mandiant-cve@google.com", "type": "Secondary"}]}, "published": "2025-06-23T14:15:26.607", "references": [{"source": "mandiant-cve@google.com", "url": "https://cloud.google.com/blog/topics/threat-intelligence/remote-code-execution-aviatrix-controller"}, {"source": "mandiant-cve@google.com", "url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2025/MNDT-2025-0004.md"}], "sourceIdentifier": "mandiant-cve@google.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "mandiant-cve@google.com", "type": "Secondary"}]}

{}

{"created": "2025-06-27T09:26:49.194302+00:00", "updated": "2025-06-27T09:26:49.194376+00:00", "vendors": ["aviatrix", "aviatrix$PRODUCT$controller"]}