VMware Avi Load Balancer contains a privilege escalation vulnerability. A malicious actor with admin privileges on VMware Avi Load Balancer can create, modify, execute and delete files as a root user on the host system.
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.