3 matches found
CVE-2023-28461
Array Networks Array AG Series and vxAG 9.4.0.481 and earlier allow remote code execution. An attacker can browse the filesystem on the SSL VPN gateway using a flags attribute in an HTTP header without authentication. The product could then be exploited through a vulnerable URL. The 2023-03-09...
CVE-2023-24613
The user interface of Array Networks AG Series and vxAG through 9.4.0.470 could allow a remote attacker to use the gdb tool to overwrite the backend function call stack after accessing the system with administrator privileges. A successful exploit could leverage this vulnerability in the backend...
CVE-2023-24613
CVE-2023-24613 affects Array Networks AG Series and vxAG UI (v9.4.0.470). A remote attacker with administrator access could use gdb to overwrite the backend function call stack in the UI handling binary, enabling a denial-of-service condition. The issue is resolved in AG 9.4.0.481. Affected versi...