VYPR

vxAG

by Array Networks

CVEs (3)

  • CVE-2023-28461CriKEVMar 15, 2023
    risk 0.87cvss 9.8epss 0.68

    Array Networks Array AG Series and vxAG (9.4.0.481 and earlier) allow remote code execution. An attacker can browse the filesystem on the SSL VPN gateway using a flags attribute in an HTTP header without authentication. The product could then be exploited through a vulnerable…

  • CVE-2014-125121CriJul 31, 2025
    risk 0.73cvss epss 0.01

    Array Networks vAPV (version 8.3.2.17) and vxAG (version 9.2.0.34) appliances are affected by a privilege escalation vulnerability caused by a combination of hardcoded SSH credentials (or SSH private key) and insecure permissions on a startup script. The devices ship with a…

  • CVE-2023-24613MedFeb 3, 2023
    risk 0.32cvss 4.9epss 0.01

    The user interface of Array Networks AG Series and vxAG through 9.4.0.470 could allow a remote attacker to use the gdb tool to overwrite the backend function call stack after accessing the system with administrator privileges. A successful exploit could leverage this…