Security Advisory

CVE-2023-28460

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-03-15 00:00:00
Last updated 2025-02-27 14:18:37
Assigner mitre
State PUBLISHED

Description

A command injection vulnerability was discovered in Array Networks APV products. A remote attacker can send a crafted packet after logging into the affected appliance as an administrator, resulting in arbitrary shell code execution. This is fixed in 8.6.1.262 or newer and 10.4.2.93 or newer.