A command injection vulnerability was discovered in Array Networks APV products. A remote attacker can send a crafted packet after logging into the affected appliance as an administrator, resulting in arbitrary shell code execution. This is fixed in 8.6.1.262 or newer and 10.4.2.93 or newer.
History

Tue, 04 Mar 2025 03:45:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2025-02-27T14:18:37.236Z

Reserved: 2023-03-15T00:00:00.000Z

Link: CVE-2023-28460

cve-icon Vulnrichment

Updated: 2024-08-02T12:38:25.363Z

cve-icon NVD

Status : Modified

Published: 2023-03-15T23:15:10.013

Modified: 2024-11-21T07:55:07.767

Link: CVE-2023-28460

cve-icon Redhat

No data.