A command injection vulnerability was discovered in Array Networks APV products. A remote attacker can send a crafted packet after logging into the affected appliance as an administrator, resulting in arbitrary shell code execution. This is fixed in 8.6.1.262 or newer and 10.4.2.93 or newer.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2023-03-15T00:00:00
Updated: 2023-03-15T00:00:00
Reserved: 2023-03-15T00:00:00
Link: CVE-2023-28460
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-03-15T23:15:10.013
Modified: 2023-03-24T14:57:49.207
Link: CVE-2023-28460
JSON object: View
Redhat Information
No data.
CWE