
Hackers Use CVE-2024-50603 to Deploy Backdoor on Aviatrix Controllers


A critical vulnerability (CVE-2024-50603) in the Aviatrix Controller allows unauthenticated RCE. Wiz Research has observed active exploitation in the wild for cryptojacking and backdoors. Learn about the risks and how to mitigate them.

Wiz Research, a prominent player in the cloud security space, has observed that a critical security flaw, CVE-2024-50603, impacting the Aviatrix Controller cloud networking platform, has been actively exploited in the wild by threat actors. With a CVSS score of 10.0, this critical vulnerability allows unauthenticated remote code execution (RCE) due to improper input sanitization in certain API endpoints.

CVE-2024-50603 is a critical flaw in Aviatrix Controller, a cloud networking platform, that allows unauthenticated remote code execution. It is a command injection vulnerability that arises from improper input sanitization in certain API endpoints. That is, the Aviatrix Controller’s PHP API incorporates user-supplied parameters without proper handling, allowing malicious OS commands to be executed ...


Copyright of this story solely belongs to hackread.com.