A command injection vulnerability was discovered in Array Networks APV products. A remote attacker can send a crafted packet after logging into the affected appliance as an administrator, resulting in arbitrary shell code execution. This is fixed in 8.6.1.262 or newer and 10.4.2.93 or newer.
Metrics
Affected Vendors & Products
References
History
Tue, 04 Mar 2025 03:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|

Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2025-02-27T14:18:37.236Z
Reserved: 2023-03-15T00:00:00.000Z
Link: CVE-2023-28460

Updated: 2024-08-02T12:38:25.363Z

Status : Modified
Published: 2023-03-15T23:15:10.013
Modified: 2024-11-21T07:55:07.767
Link: CVE-2023-28460

No data.