Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-28461

Array Networks Array AG Series and vxAG (9.4.0.481 and earlier) allow remote code execution. An attacker can browse the filesystem on the SSL VPN gateway using a flags attribute in an HTTP header without authentication. The product could then be exploited through a vulnerable URL. The 2023-03-09 vendor advisory stated “a new Array AG release with the fix will be available soon.”

CVE
#rce#pdf#auth#ssl

%PDF-1.7 4 0 obj << /BitsPerComponent 8 /ColorSpace /DeviceGray /Filter /FlateDecode /Height 970 /Length 44247 /Subtype /Image /Type /XObject /Width 3249 >> stream x���q��:��H�$ ���$T���J@� ����ݥt�ff������s�,�͓L&����J]�*��E �5���P����Wb�*_�+����B`P��#�@�C$��Qs����F�!X�h��H`P�� ,j4��B`P�n�5��b$��Q#�@���˼��4� ,j4��B`PPs����F�!XԨ��H`P�� ,j��c$��Q�� ����-&����d}?�Q��4� ,j4ky���O�Q�%�H`P�ģ" ,ܝ�y%��,�<���H`P���� ,��<*����� ,j4��H �!3��6��]#�@��!X�h����BM#�@��{$��S��Wb@�@�,�E`P- �j��KUz������Z�"���^`�P�XbUg �Zu�"���b`�ФX��,�E`P-��r�I1�t4XT�D`P����V�������Z�"���b`�4XTkG`P- �j)�6�& �jXTK1�hR ,]M=�@�,��X�4)�>�& �j]��-��N/���,�E`P-����H3����� ,��4K@�@�����@�b`�h"���b`�ФXbM=�@�4K@�f`i("���Y1�(�K@�@�4�%��V1��XTK3� �K ����Z������"���M1�(� G�PE`P��b`�P�)������Z’���ɑT��R ,�zT G�PE`P-���ɑTXT�W ,��4 'G�F���T�^��r �־=tݥ�5��������N��;cu����4����C�ۺ��݇u"�lVӞ.����۵;��Z��’Xkj؜����<���U���ؚ��r��kõ[��]5��ڝ��VA�~�e���99���p� s �S��a��P����z,q?W�Т�a99�����,6B�47dX��V��ZyU���a��]GZA�ʗW�w���~�#틑�܄کu�ɑn�K�����X5�pr$���D)r��T���G��H� �C"W��

Related news

Chinese Hackers Target Japanese Firms with LODEINFO and NOOPDOOR Malware

Japanese organizations are the target of a Chinese nation-state threat actor that leverages malware families like LODEINFO and NOOPDOOR to harvest sensitive information from compromised hosts while stealthily remaining under the radar in some cases for a time period ranging from two to three years. Israeli cybersecurity company Cybereason is tracking the campaign under the name Cuckoo Spear,

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907