Search criteria
18 vulnerabilities found for arrayos_ag by arraynetworks
FKIE_CVE-2025-66644
Vulnerability from fkie_nvd - Published: 2025-12-05 19:15 - Updated: 2025-12-09 18:45
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H (source: cve@mitre.org, Secondary)
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (source: nvd@nist.gov, Primary)
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Array Networks ArrayOS AG before 9.4.5.9 allows command injection, as exploited in the wild in August through December 2025.
References
| Source | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://www.bleepingcomputer.com/news/security/hackers-are-exploiting-arrayos-ag-vpn-flaw-to-plant-webshells/ | Press/Media Coverage | |
| cve@mitre.org | https://www.jpcert.or.jp/at/2025/at250024.html | Third Party Advisory | |
| cve@mitre.org | https://x.com/ArraySupport/status/1921373397533032590 | Third Party Advisory | |
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-66644 | US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| arraynetworks | arrayos_ag | * | |
| arraynetworks | ag1000 | - | |
| arraynetworks | ag1000t | - | |
| arraynetworks | ag1000v5 | - | |
| arraynetworks | ag1100 | - | |
| arraynetworks | ag1100v5 | - | |
| arraynetworks | ag1150 | - | |
| arraynetworks | ag1200 | - | |
| arraynetworks | ag1200v5 | - | |
| arraynetworks | ag1500 | - | |
| arraynetworks | ag1500fips | - | |
| arraynetworks | ag1500v5 | - | |
| arraynetworks | ag1600 | - | |
| arraynetworks | ag1600v5 | - | |
| arraynetworks | vxag | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arraynetworks:arrayos_ag:*:*:*:*:*:*:*:*",
"matchCriteriaId": "10896125-DBC8-46DD-8F4E-C6A9A9ED7D16",
"versionEndExcluding": "9.4.5.9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arraynetworks:ag1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBE11A77-8C2F-46CA-87BA-47624380FFC1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arraynetworks:ag1000t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5ED51E1F-3155-40C6-B61C-73D6A9F64987",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arraynetworks:ag1000v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0BC33CF-FA0B-4556-B11E-61FF9B14880A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arraynetworks:ag1100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD94C3C7-FA86-47EC-8D5C-4805CC9D7739",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arraynetworks:ag1100v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9C8C9AE-AF59-4E5A-93CD-A394F1A31FA0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arraynetworks:ag1150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E025A9D-6B7C-42B6-95EA-0A5726A919F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arraynetworks:ag1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0771D54C-15DF-403C-8CFA-B1E7D0136F50",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arraynetworks:ag1200v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9F6B87-E3D2-419A-B086-B981EF912F80",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arraynetworks:ag1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D385DBD0-C4A9-4168-82C2-832E0E40F42D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arraynetworks:ag1500fips:-:*:*:*:*:*:*:*",
"matchCriteriaId": "01569AB3-736D-47FE-86DD-F08ACDDCD11E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arraynetworks:ag1500v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "22E45185-071F-414A-AF78-4739F15A1D93",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arraynetworks:ag1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6F0988E-5E75-486A-9229-956D38A51C35",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arraynetworks:ag1600v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D09E2CC-C1B5-40DC-AD1A-7C6AB20525DC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arraynetworks:vxag:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6E149796-E3D7-4FAF-AB64-8D273E701861",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Array Networks ArrayOS AG before 9.4.5.9 allows command injection, as exploited in the wild in August through December 2025."
}
],
"id": "CVE-2025-66644",
"lastModified": "2025-12-09T18:45:02.223",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "cve@mitre.org",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-12-05T19:15:53.293",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Press/Media Coverage"
],
"url": "https://www.bleepingcomputer.com/news/security/hackers-are-exploiting-arrayos-ag-vpn-flaw-to-plant-webshells/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.jpcert.or.jp/at/2025/at250024.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://x.com/ArraySupport/status/1921373397533032590"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"US Government Resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-66644"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "cve@mitre.org",
"type": "Secondary"
}
]
}
FKIE_CVE-2023-51707
Vulnerability from fkie_nvd - Published: 2023-12-22 02:15 - Updated: 2025-04-23 17:16
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
MotionPro in Array ArrayOS AG before 9.4.0.505 on AG and vxAG allows remote command execution via crafted packets. AG and vxAG 9.3.0.259.x are unaffected.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| arraynetworks | arrayos_ag | * | |
| arraynetworks | ag | - | |
| arraynetworks | vxag | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arraynetworks:arrayos_ag:*:*:*:*:*:*:*:*",
"matchCriteriaId": "395D9A88-19A6-4F1E-AF91-AA305B162AFD",
"versionEndExcluding": "9.4.0.505",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arraynetworks:ag:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC33420B-01DE-4B18-BAA8-D9BAAB608FE8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arraynetworks:vxag:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6E149796-E3D7-4FAF-AB64-8D273E701861",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "MotionPro in Array ArrayOS AG before 9.4.0.505 on AG and vxAG allows remote command execution via crafted packets. AG and vxAG 9.3.0.259.x are unaffected."
},
{
"lang": "es",
"value": "MotionPro en Array ArrayOS AG anterior a 9.4.0.505 en AG y vxAG permite la ejecuci\u00f3n remota de comandos a trav\u00e9s de paquetes manipulados. AG y vxAG 9.3.0.259.x no se ven afectados."
}
],
"id": "CVE-2023-51707",
"lastModified": "2025-04-23T17:16:48.860",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-12-22T02:15:43.017",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_Command_Injection_Attacks.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_Command_Injection_Attacks.pdf"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2023-41121
Vulnerability from fkie_nvd - Published: 2023-08-25 22:15 - Updated: 2024-11-21 08:20
Severity ?
Summary
Array AG OS before 9.4.0.499 allows denial of service: remote attackers can cause system service processes to crash through abnormal HTTP operations.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| arraynetworks | arrayos_ag | * | |
| arraynetworks | vxag | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arraynetworks:arrayos_ag:*:*:*:*:*:*:*:*",
"matchCriteriaId": "986B8380-E886-4F0E-83C2-D07FC48C0A03",
"versionEndExcluding": "9.4.0.499",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arraynetworks:vxag:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6E149796-E3D7-4FAF-AB64-8D273E701861",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Array AG OS before 9.4.0.499 allows denial of service: remote attackers can cause system service processes to crash through abnormal HTTP operations."
}
],
"id": "CVE-2023-41121",
"lastModified": "2024-11-21T08:20:38.210",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-08-25T22:15:11.313",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
],
"url": "https://semonto.com/tools/website-reachability-check?test=325b4e588e64536b21664d24640f547"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_for_Denial_of_Service_ID-144162.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "https://semonto.com/tools/website-reachability-check?test=325b4e588e64536b21664d24640f547"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_for_Denial_of_Service_ID-144162.pdf"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2023-28461
Vulnerability from fkie_nvd - Published: 2023-03-15 23:15 - Updated: 2025-11-03 18:14
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Array Networks Array AG Series and vxAG (9.4.0.481 and earlier) allow remote code execution. An attacker can browse the filesystem on the SSL VPN gateway using a flags attribute in an HTTP header without authentication. The product could then be exploited through a vulnerable URL. The 2023-03-09 vendor advisory stated "a new Array AG release with the fix will be available soon."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| arraynetworks | arrayos_ag | * | |
| arraynetworks | ag1000 | - | |
| arraynetworks | ag1000t | - | |
| arraynetworks | ag1000v5 | - | |
| arraynetworks | ag1100v5 | - | |
| arraynetworks | ag1150 | - | |
| arraynetworks | ag1200 | - | |
| arraynetworks | ag1200v5 | - | |
| arraynetworks | ag1500 | - | |
| arraynetworks | ag1500fips | - | |
| arraynetworks | ag1500v5 | - | |
| arraynetworks | ag1600 | - | |
| arraynetworks | ag1600v5 | - | |
| arraynetworks | vxag | - |
{
"cisaActionDue": "2024-12-16",
"cisaExploitAdd": "2024-11-25",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"cisaVulnerabilityName": "Array Networks AG and vxAG ArrayOS Missing Authentication for Critical Function Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arraynetworks:arrayos_ag:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D704D079-D1AF-40EA-98E7-BE1E01371B11",
"versionEndIncluding": "9.4.0.481",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arraynetworks:ag1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBE11A77-8C2F-46CA-87BA-47624380FFC1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arraynetworks:ag1000t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5ED51E1F-3155-40C6-B61C-73D6A9F64987",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arraynetworks:ag1000v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0BC33CF-FA0B-4556-B11E-61FF9B14880A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arraynetworks:ag1100v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9C8C9AE-AF59-4E5A-93CD-A394F1A31FA0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arraynetworks:ag1150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E025A9D-6B7C-42B6-95EA-0A5726A919F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arraynetworks:ag1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0771D54C-15DF-403C-8CFA-B1E7D0136F50",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arraynetworks:ag1200v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9F6B87-E3D2-419A-B086-B981EF912F80",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arraynetworks:ag1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D385DBD0-C4A9-4168-82C2-832E0E40F42D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arraynetworks:ag1500fips:-:*:*:*:*:*:*:*",
"matchCriteriaId": "01569AB3-736D-47FE-86DD-F08ACDDCD11E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arraynetworks:ag1500v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "22E45185-071F-414A-AF78-4739F15A1D93",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arraynetworks:ag1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6F0988E-5E75-486A-9229-956D38A51C35",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arraynetworks:ag1600v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D09E2CC-C1B5-40DC-AD1A-7C6AB20525DC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arraynetworks:vxag:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6E149796-E3D7-4FAF-AB64-8D273E701861",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Array Networks Array AG Series and vxAG (9.4.0.481 and earlier) allow remote code execution. An attacker can browse the filesystem on the SSL VPN gateway using a flags attribute in an HTTP header without authentication. The product could then be exploited through a vulnerable URL. The 2023-03-09 vendor advisory stated \"a new Array AG release with the fix will be available soon.\""
}
],
"id": "CVE-2023-28461",
"lastModified": "2025-11-03T18:14:11.060",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-03-15T23:15:10.070",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_for_Remote_Code_Execution_Vulnerability_AG.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_for_Remote_Code_Execution_Vulnerability_AG.pdf"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"US Government Resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-28461"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2023-24613
Vulnerability from fkie_nvd - Published: 2023-02-03 02:15 - Updated: 2025-03-26 15:15
Severity ?
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Summary
The user interface of Array Networks AG Series and vxAG through 9.4.0.470 could allow a remote attacker to use the gdb tool to overwrite the backend function call stack after accessing the system with administrator privileges. A successful exploit could leverage this vulnerability in the backend binary file that handles the user interface to cause a denial of service attack. This is fixed in AG 9.4.0.481.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| arraynetworks | arrayos_ag | * | |
| arraynetworks | ag1000 | - | |
| arraynetworks | ag1000t | - | |
| arraynetworks | ag1000v5 | - | |
| arraynetworks | ag1100v5 | - | |
| arraynetworks | ag1150 | - | |
| arraynetworks | ag1200 | - | |
| arraynetworks | ag1200v5 | - | |
| arraynetworks | ag1500 | - | |
| arraynetworks | ag1500fips | - | |
| arraynetworks | ag1500v5 | - | |
| arraynetworks | ag1600 | - | |
| arraynetworks | ag1600v5 | - | |
| arraynetworks | vxag | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arraynetworks:arrayos_ag:*:*:*:*:*:*:*:*",
"matchCriteriaId": "074EC86B-4746-4E34-AB53-E6437C22ED25",
"versionEndIncluding": "9.4.0.470",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arraynetworks:ag1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBE11A77-8C2F-46CA-87BA-47624380FFC1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arraynetworks:ag1000t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5ED51E1F-3155-40C6-B61C-73D6A9F64987",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arraynetworks:ag1000v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0BC33CF-FA0B-4556-B11E-61FF9B14880A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arraynetworks:ag1100v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9C8C9AE-AF59-4E5A-93CD-A394F1A31FA0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arraynetworks:ag1150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E025A9D-6B7C-42B6-95EA-0A5726A919F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arraynetworks:ag1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0771D54C-15DF-403C-8CFA-B1E7D0136F50",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arraynetworks:ag1200v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9F6B87-E3D2-419A-B086-B981EF912F80",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arraynetworks:ag1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D385DBD0-C4A9-4168-82C2-832E0E40F42D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arraynetworks:ag1500fips:-:*:*:*:*:*:*:*",
"matchCriteriaId": "01569AB3-736D-47FE-86DD-F08ACDDCD11E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arraynetworks:ag1500v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "22E45185-071F-414A-AF78-4739F15A1D93",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arraynetworks:ag1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6F0988E-5E75-486A-9229-956D38A51C35",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arraynetworks:ag1600v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D09E2CC-C1B5-40DC-AD1A-7C6AB20525DC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arraynetworks:vxag:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6E149796-E3D7-4FAF-AB64-8D273E701861",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The user interface of Array Networks AG Series and vxAG through 9.4.0.470 could allow a remote attacker to use the gdb tool to overwrite the backend function call stack after accessing the system with administrator privileges. A successful exploit could leverage this vulnerability in the backend binary file that handles the user interface to a cause denial of service attack. This is fixed in AG 9.4.0.481."
},
{
"lang": "es",
"value": "La interfaz de usuario de Array Networks AG Series y vxAG hasta la versi\u00f3n 9.4.0.470 podr\u00eda permitir a un atacante remoto utilizar la herramienta gdb para sobrescribir la pila de llamadas de funciones backend despu\u00e9s de acceder al sistema con privilegios de administrador. Un exploit exitoso podr\u00eda aprovechar esta vulnerabilidad en el archivo binario backend que maneja la interfaz de usuario para provocar un ataque de denegaci\u00f3n de servicio. Esto se soluciona en AG 9.4.0.481."
}
],
"id": "CVE-2023-24613",
"lastModified": "2025-03-26T15:15:47.477",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-02-03T02:15:07.997",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_for_UI_Stack_Overflow_Vulnerability_ID-128285_V1.0.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_for_UI_Stack_Overflow_Vulnerability_ID-128285_V1.0.pdf"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2022-42897
Vulnerability from fkie_nvd - Published: 2022-10-13 00:15 - Updated: 2025-05-15 18:15
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Array Networks AG/vxAG with ArrayOS AG before 9.4.0.469 allows unauthenticated command injection that leads to privilege escalation and control of the system. NOTE: ArrayOS AG 10.x is unaffected.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| arraynetworks | arrayos_ag | * | |
| arraynetworks | ag1000 | - | |
| arraynetworks | ag1000t | - | |
| arraynetworks | ag1000v5 | - | |
| arraynetworks | ag1100v5 | - | |
| arraynetworks | ag1150 | - | |
| arraynetworks | ag1200 | - | |
| arraynetworks | ag1200v5 | - | |
| arraynetworks | ag1500 | - | |
| arraynetworks | ag1500fips | - | |
| arraynetworks | ag1500v5 | - | |
| arraynetworks | ag1600 | - | |
| arraynetworks | ag1600v5 | - | |
| arraynetworks | ah1100 | - | |
| arraynetworks | vxag | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:arraynetworks:arrayos_ag:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AA309503-9419-47EC-A4A5-312C5CF77EB8",
"versionEndIncluding": "9.4.0.469",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:arraynetworks:ag1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBE11A77-8C2F-46CA-87BA-47624380FFC1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arraynetworks:ag1000t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5ED51E1F-3155-40C6-B61C-73D6A9F64987",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arraynetworks:ag1000v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0BC33CF-FA0B-4556-B11E-61FF9B14880A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arraynetworks:ag1100v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9C8C9AE-AF59-4E5A-93CD-A394F1A31FA0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arraynetworks:ag1150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E025A9D-6B7C-42B6-95EA-0A5726A919F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arraynetworks:ag1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0771D54C-15DF-403C-8CFA-B1E7D0136F50",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arraynetworks:ag1200v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9F6B87-E3D2-419A-B086-B981EF912F80",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arraynetworks:ag1500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D385DBD0-C4A9-4168-82C2-832E0E40F42D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arraynetworks:ag1500fips:-:*:*:*:*:*:*:*",
"matchCriteriaId": "01569AB3-736D-47FE-86DD-F08ACDDCD11E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arraynetworks:ag1500v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "22E45185-071F-414A-AF78-4739F15A1D93",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arraynetworks:ag1600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6F0988E-5E75-486A-9229-956D38A51C35",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arraynetworks:ag1600v5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D09E2CC-C1B5-40DC-AD1A-7C6AB20525DC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arraynetworks:ah1100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02AC1873-8E42-4580-A9E0-C8E97BD8ADBA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:arraynetworks:vxag:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6E149796-E3D7-4FAF-AB64-8D273E701861",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Array Networks AG/vxAG with ArrayOS AG before 9.4.0.469 allows unauthenticated command injection that leads to privilege escalation and control of the system. NOTE: ArrayOS AG 10.x is unaffected."
},
{
"lang": "es",
"value": "Array Networks AG/vxAG con ArrayOS AG versiones anteriores a 9.4.0.469, permite una inyecci\u00f3n de comandos no autenticados que conlleva a una escalada de privilegios y un control del sistema. NOTA: ArrayOS AG versi\u00f3n 10.x no est\u00e1 afectado"
}
],
"id": "CVE-2022-42897",
"lastModified": "2025-05-15T18:15:32.773",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2022-10-13T00:15:09.247",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_Remote_Injection_Vulnerability_in_Array_VPN_Product_ID-11961_%20V2.1.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/fieldnotices.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_Remote_Injection_Vulnerability_in_Array_VPN_Product_ID-11961_%20V2.1.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/fieldnotices.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
CVE-2025-66644 (GCVE-0-2025-66644)
Vulnerability from cvelistv5 – Published: 2025-12-05 00:00 – Updated: 2025-12-09 04:55
Summary
Array Networks ArrayOS AG before 9.4.5.9 allows command injection, as exploited in the wild in August through December 2025.
Severity ?
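7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H (score supplied in the CNA container; PR:H means the vector assumes high privileges are required)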
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Array Networks | ArrayOS AG | Affected: 0, < 9.4.5.9 (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-66644",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-05T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2025-12-08",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-66644"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-09T04:55:52.076Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-66644"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-12-08T00:00:00+00:00",
"value": "CVE-2025-66644 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ArrayOS AG",
"vendor": "Array Networks",
"versions": [
{
"lessThan": "9.4.5.9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Array Networks ArrayOS AG before 9.4.5.9 allows command injection, as exploited in the wild in August through December 2025."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-05T19:04:17.037Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.jpcert.or.jp/at/2025/at250024.html"
},
{
"url": "https://x.com/ArraySupport/status/1921373397533032590"
},
{
"url": "https://www.bleepingcomputer.com/news/security/hackers-are-exploiting-arrayos-ag-vpn-flaw-to-plant-webshells/"
}
],
"x_generator": {
"engine": "enrichogram 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-66644",
"datePublished": "2025-12-05T00:00:00.000Z",
"dateReserved": "2025-12-05T00:00:00.000Z",
"dateUpdated": "2025-12-09T04:55:52.076Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-51707 (GCVE-0-2023-51707)
Vulnerability from cvelistv5 – Published: 2023-12-22 00:00 – Updated: 2025-04-23 16:20
Summary
MotionPro in Array ArrayOS AG before 9.4.0.505 on AG and vxAG allows remote command execution via crafted packets. AG and vxAG 9.3.0.259.x are unaffected.
Severity ?
9.8 (Critical)
CWE
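- n/a in the CNA record; the CISA-ADP container classifies this as CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')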
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:40:34.252Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_Command_Injection_Attacks.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-51707",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-02T15:33:23.561854Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T16:20:10.464Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "MotionPro in Array ArrayOS AG before 9.4.0.505 on AG and vxAG allows remote command execution via crafted packets. AG and vxAG 9.3.0.259.x are unaffected."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-22T01:44:45.151Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_Command_Injection_Attacks.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-51707",
"datePublished": "2023-12-22T00:00:00.000Z",
"dateReserved": "2023-12-22T00:00:00.000Z",
"dateUpdated": "2025-04-23T16:20:10.464Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-41121 (GCVE-0-2023-41121)
Vulnerability from cvelistv5 – Published: 2023-08-25 00:00 – Updated: 2024-10-02 17:57
Summary
Array AG OS before 9.4.0.499 allows denial of service: remote attackers can cause system service processes to crash through abnormal HTTP operations.
Severity ?
No CVSS data available.
CWE
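- n/a in the CNA record; the CISA-ADP container classifies this as CWE-400 Uncontrolled Resource Consumption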
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:54:04.025Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_for_Denial_of_Service_ID-144162.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://semonto.com/tools/website-reachability-check?test=325b4e588e64536b21664d24640f547"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:arraynetworks:ag:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ag",
"vendor": "arraynetworks",
"versions": [
{
"lessThan": "9.4.0.499",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-41121",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T17:54:21.481236Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T17:57:16.988Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Array AG OS before 9.4.0.499 allows denial of service: remote attackers can cause system service processes to crash through abnormal HTTP operations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-25T21:07:33.198684",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_for_Denial_of_Service_ID-144162.pdf"
},
{
"url": "https://semonto.com/tools/website-reachability-check?test=325b4e588e64536b21664d24640f547"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-41121",
"datePublished": "2023-08-25T00:00:00",
"dateReserved": "2023-08-23T00:00:00",
"dateUpdated": "2024-10-02T17:57:16.988Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-28461 (GCVE-0-2023-28461)
Vulnerability from cvelistv5 – Published: 2023-03-15 00:00 – Updated: 2025-10-21 23:15
Summary
Array Networks Array AG Series and vxAG (9.4.0.481 and earlier) allow remote code execution. An attacker can browse the filesystem on the SSL VPN gateway using a flags attribute in an HTTP header without authentication. The product could then be exploited through a vulnerable URL. The 2023-03-09 vendor advisory stated "a new Array AG release with the fix will be available soon."
Severity ?
9.8 (Critical)
CWE
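- n/a in the CNA record; the CISA-ADP container classifies this as CWE-306 Missing Authentication for Critical Function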
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:38:25.279Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_for_Remote_Code_Execution_Vulnerability_AG.pdf"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:arraynetworks:arrayos_ag:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "arrayos_ag",
"vendor": "arraynetworks",
"versions": [
{
"lessThanOrEqual": "9.4.0.481",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-28461",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-26T04:55:26.280443Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-11-25",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-28461"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:15:23.174Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-28461"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-11-25T00:00:00+00:00",
"value": "CVE-2023-28461 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Array Networks Array AG Series and vxAG (9.4.0.481 and earlier) allow remote code execution. An attacker can browse the filesystem on the SSL VPN gateway using a flags attribute in an HTTP header without authentication. The product could then be exploited through a vulnerable URL. The 2023-03-09 vendor advisory stated \"a new Array AG release with the fix will be available soon.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-15T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_for_Remote_Code_Execution_Vulnerability_AG.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-28461",
"datePublished": "2023-03-15T00:00:00.000Z",
"dateReserved": "2023-03-15T00:00:00.000Z",
"dateUpdated": "2025-10-21T23:15:23.174Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-24613 (GCVE-0-2023-24613)
Vulnerability from cvelistv5 – Published: 2023-02-03 00:00 – Updated: 2025-03-26 14:55
Summary
The user interface of Array Networks AG Series and vxAG through 9.4.0.470 could allow a remote attacker to use the gdb tool to overwrite the backend function call stack after accessing the system with administrator privileges. A successful exploit could leverage this vulnerability in the backend binary file that handles the user interface to cause a denial of service attack. This is fixed in AG 9.4.0.481.
Severity ?
4.9 (Medium)
CWE
- n/a in the CNA record; the CISA-ADP container classifies this as CWE-787 Out-of-bounds Write
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:03:18.776Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_for_UI_Stack_Overflow_Vulnerability_ID-128285_V1.0.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-24613",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-26T14:53:45.920387Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-26T14:55:05.017Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The user interface of Array Networks AG Series and vxAG through 9.4.0.470 could allow a remote attacker to use the gdb tool to overwrite the backend function call stack after accessing the system with administrator privileges. A successful exploit could leverage this vulnerability in the backend binary file that handles the user interface to a cause denial of service attack. This is fixed in AG 9.4.0.481."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-03T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_for_UI_Stack_Overflow_Vulnerability_ID-128285_V1.0.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-24613",
"datePublished": "2023-02-03T00:00:00.000Z",
"dateReserved": "2023-01-30T00:00:00.000Z",
"dateUpdated": "2025-03-26T14:55:05.017Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-42897 (GCVE-0-2022-42897)
Vulnerability from cvelistv5 – Published: 2022-10-12 00:00 – Updated: 2025-05-15 17:55
Summary
Array Networks AG/vxAG with ArrayOS AG before 9.4.0.469 allows unauthenticated command injection that leads to privilege escalation and control of the system. NOTE: ArrayOS AG 10.x is unaffected.
Severity ?
9.8 (Critical)
CWE
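- n/a in the CNA record; the CISA-ADP container classifies this as CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')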
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T13:19:05.396Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_Remote_Injection_Vulnerability_in_Array_VPN_Product_ID-11961_%20V2.1.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/fieldnotices.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-42897",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-15T17:55:14.330345Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-15T17:55:18.203Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Array Networks AG/vxAG with ArrayOS AG before 9.4.0.469 allows unauthenticated command injection that leads to privilege escalation and control of the system. NOTE: ArrayOS AG 10.x is unaffected."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-12T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_Remote_Injection_Vulnerability_in_Array_VPN_Product_ID-11961_%20V2.1.pdf"
},
{
"url": "https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/fieldnotices.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-42897",
"datePublished": "2022-10-12T00:00:00.000Z",
"dateReserved": "2022-10-12T00:00:00.000Z",
"dateUpdated": "2025-05-15T17:55:18.203Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-66644 (GCVE-0-2025-66644)
Vulnerability from nvd – Published: 2025-12-05 00:00 – Updated: 2025-12-09 04:55
Summary
Array Networks ArrayOS AG before 9.4.5.9 allows command injection, as exploited in the wild in August through December 2025.
Severity ?
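7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H (score supplied in the CNA container; PR:H means the vector assumes high privileges are required)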
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version |
|---|---|---|
| Array Networks | ArrayOS AG | Affected: 0, < 9.4.5.9 (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-66644",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-05T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2025-12-08",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-66644"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-09T04:55:52.076Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-66644"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-12-08T00:00:00+00:00",
"value": "CVE-2025-66644 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ArrayOS AG",
"vendor": "Array Networks",
"versions": [
{
"lessThan": "9.4.5.9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Array Networks ArrayOS AG before 9.4.5.9 allows command injection, as exploited in the wild in August through December 2025."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-05T19:04:17.037Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.jpcert.or.jp/at/2025/at250024.html"
},
{
"url": "https://x.com/ArraySupport/status/1921373397533032590"
},
{
"url": "https://www.bleepingcomputer.com/news/security/hackers-are-exploiting-arrayos-ag-vpn-flaw-to-plant-webshells/"
}
],
"x_generator": {
"engine": "enrichogram 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-66644",
"datePublished": "2025-12-05T00:00:00.000Z",
"dateReserved": "2025-12-05T00:00:00.000Z",
"dateUpdated": "2025-12-09T04:55:52.076Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-51707 (GCVE-0-2023-51707)
Vulnerability from nvd – Published: 2023-12-22 00:00 – Updated: 2025-04-23 16:20
Summary
MotionPro in Array ArrayOS AG before 9.4.0.505 on AG and vxAG allows remote command execution via crafted packets. AG and vxAG 9.3.0.259.x are unaffected.
Severity ?
9.8 (Critical)
CWE
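- n/a in the CNA record; the CISA-ADP container classifies this as CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')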
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:40:34.252Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_Command_Injection_Attacks.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-51707",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-02T15:33:23.561854Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T16:20:10.464Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "MotionPro in Array ArrayOS AG before 9.4.0.505 on AG and vxAG allows remote command execution via crafted packets. AG and vxAG 9.3.0.259.x are unaffected."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-22T01:44:45.151Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_Command_Injection_Attacks.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-51707",
"datePublished": "2023-12-22T00:00:00.000Z",
"dateReserved": "2023-12-22T00:00:00.000Z",
"dateUpdated": "2025-04-23T16:20:10.464Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-41121 (GCVE-0-2023-41121)
Vulnerability from nvd – Published: 2023-08-25 00:00 – Updated: 2024-10-02 17:57
Summary
Array AG OS before 9.4.0.499 allows denial of service: remote attackers can cause system service processes to crash through abnormal HTTP operations.
Severity ?
No CVSS data available.
CWE
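- n/a in the CNA record; the CISA-ADP container classifies this as CWE-400 Uncontrolled Resource Consumption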
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:54:04.025Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_for_Denial_of_Service_ID-144162.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://semonto.com/tools/website-reachability-check?test=325b4e588e64536b21664d24640f547"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:arraynetworks:ag:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ag",
"vendor": "arraynetworks",
"versions": [
{
"lessThan": "9.4.0.499",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-41121",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T17:54:21.481236Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T17:57:16.988Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Array AG OS before 9.4.0.499 allows denial of service: remote attackers can cause system service processes to crash through abnormal HTTP operations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-25T21:07:33.198684",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_for_Denial_of_Service_ID-144162.pdf"
},
{
"url": "https://semonto.com/tools/website-reachability-check?test=325b4e588e64536b21664d24640f547"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-41121",
"datePublished": "2023-08-25T00:00:00",
"dateReserved": "2023-08-23T00:00:00",
"dateUpdated": "2024-10-02T17:57:16.988Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-28461 (GCVE-0-2023-28461)
Vulnerability from nvd – Published: 2023-03-15 00:00 – Updated: 2025-10-21 23:15
Summary
Array Networks Array AG Series and vxAG (9.4.0.481 and earlier) allow remote code execution. An attacker can browse the filesystem on the SSL VPN gateway using a flags attribute in an HTTP header without authentication. The product could then be exploited through a vulnerable URL. The 2023-03-09 vendor advisory stated "a new Array AG release with the fix will be available soon."
Severity ?
9.8 (Critical)
CWE
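- n/a in the CNA record; the CISA-ADP container classifies this as CWE-306 Missing Authentication for Critical Function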
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:38:25.279Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_for_Remote_Code_Execution_Vulnerability_AG.pdf"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:arraynetworks:arrayos_ag:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "arrayos_ag",
"vendor": "arraynetworks",
"versions": [
{
"lessThanOrEqual": "9.4.0.481",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-28461",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-26T04:55:26.280443Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-11-25",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-28461"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:15:23.174Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-28461"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-11-25T00:00:00+00:00",
"value": "CVE-2023-28461 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Array Networks Array AG Series and vxAG (9.4.0.481 and earlier) allow remote code execution. An attacker can browse the filesystem on the SSL VPN gateway using a flags attribute in an HTTP header without authentication. The product could then be exploited through a vulnerable URL. The 2023-03-09 vendor advisory stated \"a new Array AG release with the fix will be available soon.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-15T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_for_Remote_Code_Execution_Vulnerability_AG.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-28461",
"datePublished": "2023-03-15T00:00:00.000Z",
"dateReserved": "2023-03-15T00:00:00.000Z",
"dateUpdated": "2025-10-21T23:15:23.174Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-24613 (GCVE-0-2023-24613)
Vulnerability from nvd – Published: 2023-02-03 00:00 – Updated: 2025-03-26 14:55
Summary
The user interface of Array Networks AG Series and vxAG through 9.4.0.470 could allow a remote attacker to use the gdb tool to overwrite the backend function call stack after accessing the system with administrator privileges. A successful exploit could leverage this vulnerability in the backend binary file that handles the user interface to cause a denial of service attack. This is fixed in AG 9.4.0.481.
Severity ?
4.9 (Medium)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:03:18.776Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_for_UI_Stack_Overflow_Vulnerability_ID-128285_V1.0.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-24613",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-26T14:53:45.920387Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-26T14:55:05.017Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The user interface of Array Networks AG Series and vxAG through 9.4.0.470 could allow a remote attacker to use the gdb tool to overwrite the backend function call stack after accessing the system with administrator privileges. A successful exploit could leverage this vulnerability in the backend binary file that handles the user interface to a cause denial of service attack. This is fixed in AG 9.4.0.481."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-03T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_for_UI_Stack_Overflow_Vulnerability_ID-128285_V1.0.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-24613",
"datePublished": "2023-02-03T00:00:00.000Z",
"dateReserved": "2023-01-30T00:00:00.000Z",
"dateUpdated": "2025-03-26T14:55:05.017Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-42897 (GCVE-0-2022-42897)
Vulnerability from nvd – Published: 2022-10-12 00:00 – Updated: 2025-05-15 17:55
Summary
Array Networks AG/vxAG with ArrayOS AG before 9.4.0.469 allows unauthenticated command injection that leads to privilege escalation and control of the system. NOTE: ArrayOS AG 10.x is unaffected.
Severity ?
9.8 (Critical)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T13:19:05.396Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_Remote_Injection_Vulnerability_in_Array_VPN_Product_ID-11961_%20V2.1.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/fieldnotices.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-42897",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-15T17:55:14.330345Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-15T17:55:18.203Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Array Networks AG/vxAG with ArrayOS AG before 9.4.0.469 allows unauthenticated command injection that leads to privilege escalation and control of the system. NOTE: ArrayOS AG 10.x is unaffected."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-12T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_Remote_Injection_Vulnerability_in_Array_VPN_Product_ID-11961_%20V2.1.pdf"
},
{
"url": "https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/fieldnotices.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-42897",
"datePublished": "2022-10-12T00:00:00.000Z",
"dateReserved": "2022-10-12T00:00:00.000Z",
"dateUpdated": "2025-05-15T17:55:18.203Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}