CVE-2023-28461
Severity CVSS v4.0:
Pending analysis
Type:
CWE-287
Authentication Issues
Publication date:
15/03/2023
Last modified:
14/03/2025
Description
Array Networks Array AG Series and vxAG (9.4.0.481 and earlier) allow remote code execution. An attacker can browse the filesystem on the SSL VPN gateway using a flags attribute in an HTTP header without authentication. The product could then be exploited through a vulnerable URL. The 2023-03-09 vendor advisory stated "a new Array AG release with the fix will be available soon."
Impact
Base Score 3.x
9.80
Severity 3.x
CRITICAL
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:arraynetworks:arrayos_ag:*:*:*:*:*:*:*:* | 9.4.0.481 (including) | |
| cpe:2.3:h:arraynetworks:ag1000:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:arraynetworks:ag1000t:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:arraynetworks:ag1000v5:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:arraynetworks:ag1100v5:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:arraynetworks:ag1150:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:arraynetworks:ag1200:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:arraynetworks:ag1200v5:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:arraynetworks:ag1500:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:arraynetworks:ag1500fips:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:arraynetworks:ag1500v5:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:arraynetworks:ag1600:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:arraynetworks:ag1600v5:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:arraynetworks:vxag:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_for_Remote_Code_Execution_Vulnerability_AG.pdf
- https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_for_Remote_Code_Execution_Vulnerability_AG.pdf