arraynetworks 漏洞與 CVE 列表(8)

產品(CPE): — CVE 數: 8

arraynetworks 漏洞概覽

彙總 arraynetworks 相關全部產品的 CVE 與安全漏洞情報,包括 CVSS、EPSS、公開時間與漏洞情報資料。

歷史漏洞主要涉及 記憶體損壞、拒絕服務與命令注入 等問題,部分漏洞可能導致 應用程式崩潰,並影響 生產負載與軟體部署 相關場景。

相關漏洞資料主要來源於公開漏洞披露與安全公告,可用於評估歷史漏洞暴露面與修補優先順序。

漏洞分布趨勢(近 24 個月)

顯示 188 CVE 數
«« 第一頁 « 上一頁 第 1 / 1 頁 下一頁 »
CVE 摘要 來源 最高 CVSS EPSS % 公開時間 更新時間
CVE-2025-66644 KEV Array Networks ArrayOS AG before 9.4.5.9 allows command injection, as exploited in the wild in August through December 2025. [email protected] 7.2 3.05% 2025-12-05 2026-06-17
CVE-2014-125121 Array Networks vAPV (version 8.3.2.17) and vxAG (version 9.2.0.34) appliances are affected by a privilege escalation vulnerability caused by a combination of hardcoded SSH credentials (or SSH private key) and insecure permissions on a startup script. The devices ship with a default SSH login or a hardcoded DSA private key, allowing an attacker to authenticate remotely with limited privileges. Once authenticated, an attacker can overwrite the world-writable /ca/bin/monitor.sh script with arbitr [email protected] 10.0 0.82% 2025-07-31 2026-06-16
CVE-2023-51707 MotionPro in Array ArrayOS AG before 9.4.0.505 on AG and vxAG allows remote command execution via crafted packets. AG and vxAG 9.3.0.259.x are unaffected. [email protected] 9.8 1.27% 2023-12-21 2026-06-17
CVE-2023-41121 Array AG OS before 9.4.0.499 allows denial of service: remote attackers can cause system service processes to crash through abnormal HTTP operations. [email protected] 7.5 0.63% 2023-08-25 2026-06-17
CVE-2023-28461 KEV Array Networks Array AG Series and vxAG (9.4.0.481 and earlier) allow remote code execution. An attacker can browse the filesystem on the SSL VPN gateway using a flags attribute in an HTTP header without authentication. The product could then be exploited through a vulnerable URL. The 2023-03-09 vendor advisory stated "a new Array AG release with the fix will be available soon." [email protected] 9.8 67.64% 2023-03-15 2026-06-17
CVE-2023-28460 A command injection vulnerability was discovered in Array Networks APV products. A remote attacker can send a crafted packet after logging into the affected appliance as an administrator, resulting in arbitrary shell code execution. This is fixed in 8.6.1.262 or newer and 10.4.2.93 or newer. [email protected] 7.2 1.62% 2023-03-15 2026-06-17
CVE-2023-24613 The user interface of Array Networks AG Series and vxAG through 9.4.0.470 could allow a remote attacker to use the gdb tool to overwrite the backend function call stack after accessing the system with administrator privileges. A successful exploit could leverage this vulnerability in the backend binary file that handles the user interface to a cause denial of service attack. This is fixed in AG 9.4.0.481. [email protected] 4.9 0.79% 2023-02-02 2026-06-17
CVE-2022-42897 Array Networks AG/vxAG with ArrayOS AG before 9.4.0.469 allows unauthenticated command injection that leads to privilege escalation and control of the system. NOTE: ArrayOS AG 10.x is unaffected. [email protected] 9.8 1.50% 2022-10-12 2026-06-17
«« 第一頁 « 上一頁 第 1 / 1 頁 下一頁 »
cvelogic Threat Intelligence