HTTP: Array Networks AG and vxAG ArrayOS Missing Authentication
This signature detects attempts to exploit a known vulnerability against Array Networks AG and vxAG ArrayOS. A successful attack can lead to directory traversal and arbitrary code execution.
Extended Description
Array Networks Array AG Series and vxAG (9.4.0.481 and earlier) allow remote code execution. An attacker can browse the filesystem on the SSL VPN gateway using a flags attribute in an HTTP header without authentication. The product could then be exploited through a vulnerable URL. The 2023-03-09 vendor advisory stated "a new Array AG release with the fix will be available soon."
References
CVE: CVE-2023-28461
Short Name
HTTP:CTS:ARRY-NW-AOS-MAUTH
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
AG Array ArrayOS Authentication CVE-2023-28461 Missing Networks and vxAG
Release Date
03/17/2025
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3791
False Positive
Unknown