Lucene search
K

6 matches found

Positive Technologies
Positive Technologies
added 2024/11/26 12:0 a.m.6 views

PT-2024-22445 · Undefined · Undefined

CISA adds Array Networks CVE-2023-28461 to its KEV Catalog CISAKEV ArrayNetworks CVE-2024-28461 https://t.co/VGDdBgd86q...

9.8CVSS6.8AI score0.67645EPSS
Exploits0References1
Circl
Circl
added 2024/11/20 4:47 a.m.7 views

CVE-2023-28461

creationtimestamp| type| source ---|---|--- 2024-11-20 04:47:00+00:00| seen| https://infosec.exchange/users/edwardk/statuses/113513465135891182 2024-11-25 15:59:35+00:00| seen| https://infosec.exchange/users/screaminggoat/statuses/113544421331313601 2024-11-25 16:25:12+00:00| seen|...

9.8CVSS7.6AI score0.67645EPSS
Exploits0References16
VulnCheck KEV
VulnCheck KEV
added 2024/09/13 12:0 a.m.5 views

VulnCheck KEV: CVE-2023-28461

Array Networks AG and vxAG ArrayOS contain a missing authentication for critical function vulnerability that allows an attacker to read local files and execute code on the SSL VPN gateway...

9.8CVSS7.4AI score0.67645EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2023/03/15 12:0 a.m.11 views

CVE-2023-28461

Array Networks Array AG Series and vxAG 9.4.0.481 and earlier allow remote code execution. An attacker can browse the filesystem on the SSL VPN gateway using a flags attribute in an HTTP header without authentication. The product could then be exploited through a vulnerable URL. The 2023-03-09...

9.8CVSS7.7AI score0.67645EPSS
In wildExploits0References2
Cvelist
Cvelist
added 2023/03/15 12:0 a.m.39 views

CVE-2023-28461

Array Networks Array AG Series and vxAG 9.4.0.481 and earlier allow remote code execution. An attacker can browse the filesystem on the SSL VPN gateway using a flags attribute in an HTTP header without authentication. The product could then be exploited through a vulnerable URL. The 2023-03-09...

9.9AI score0.67645EPSS
Exploits0References1
CVE
CVE
added 2023/03/15 12:0 a.m.245 views

CVE-2023-28461

CVE-2023-28461 affects Array Networks ArrayOS Array AG Series and vxAG (≤ 9.4.0.481). The vulnerability allows unauthenticated remote code execution by exploiting a flag in an HTTP header to browse the device filesystem and reach a vulnerable URL. PTSecurity notes evidence of active exploitation;...

9.8CVSS9.6AI score0.67645EPSS
In wildExploits0References2Affected Software1
Rows per page
Query Builder