Array Networks ArrayOS AG
Approved changes feed: RSS · Atom
cpe:2.3:o:arraynetworks:arrayos_ag:-:*:*:*:*:*:*:*
part: o version: - update: *
| Vendor | Arraynetworks (2e5a11b9-7ef9-58d7-8953-2d68023f44db) |
|---|---|
| Product | Arrayos Ag (6191142e-81d4-5695-920e-b58766cf4dbe) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-28461 |
vulnerable | 2026-06-03 14:51:09.385355 |
Details available
Array Networks Array AG Series and vxAG (9.4.0.481 and earlier) allow remote code execution. An attacker can browse the filesystem on the SSL VPN gateway using a flags attribute in an HTTP header without authentication. The product could then be exploited through a vulnerable URL. The 2023-03-09 vendor advisory stated "a new Array AG release with the fix will be available soon."
Published: 2023-03-15T00:00:00.000Z
Updated: 2025-10-21T23:15:23.174Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.