CVE-2025-2172

Aviatrix Controller versions prior to 7.1.4208, 7.2.5090, and 8.0.0 fail to sanitize user input prior to passing the input to command line utilities, allowing command injection via special characters in filenames

Assigner : mandiant-cve@google.com

More information : https://cloud.google.com/blog/topics/threat-intelligence/remote-code-execution-aviatrix-controller