Trix Shots: Remote Code Execution on Aviatrix Controller
This blog post highlights a Mandiant Red Team case study simulating an “Initial Access Brokerage” approach that discovered two vulnerabilities on Aviatrix Controller, a Software-Defined Networking (SDN) utility that allows for the creation of links between different cloud vendors and regions:
- CVE-2025-2171: an administrator authentication bypass
- CVE-2025-2172: an authenticated command injection
The vulnerabilities affected Aviatrix Controller 7.2.5012 and prior versions and were patched in versions 8.0.0, 7.2.5090, and 7.1.4208. Thank you to the team at Aviatrix who took the reported security issues seriously and remediated them in a timely manner.
To read the complete article, see: Remote Code Execution on Aviatrix Controller
This post is licensed under CC BY 4.0 by the author.