Описание
Array Networks ArrayOS AG before 9.4.5.9 allows command injection, as exploited in the wild in August through December 2025.
Array Networks ArrayOS AG before 9.4.5.9 allows command injection, as exploited in the wild in August through December 2025.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2025-66644
- https://www.bleepingcomputer.com/news/security/hackers-are-exploiting-arrayos-ag-vpn-flaw-to-plant-webshells
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-66644
- https://www.jpcert.or.jp/at/2025/at250024.html
- https://x.com/ArraySupport/status/1921373397533032590
Связанные уязвимости
CVSS3: 7.2
nvd
13 дней назад
Array Networks ArrayOS AG before 9.4.5.9 allows command injection, as exploited in the wild in August through December 2025.