JPCERT Confirms Active Command Injection Attacks on Array AG Gateways

December 5, 2025

A command injection vulnerability in Array Networks AG Series secure access gateways has been exploited in the wild since August 2025, according to an alert issued by JPCERT/CC this week.
The vulnerability, which does not have a CVE identifier, was addressed by the company on May 11, 2025. It’s rooted in Array’s DesktopDirect, a remote desktop access solution that allows users to securely access

Categories

Blog

Share

Leave a Reply Cancel reply

Recent Post

Researchers Uncover 30+ Flaws in AI Coding Tools Enabling Data Theft and RCE Attacks

6 December 2025

Critical React2Shell Flaw Added to CISA KEV After Confirmed Active Exploitation

6 December 2025

Critical XXE Bug CVE-2025-66516 (CVSS 10.0) Hits Apache Tika, Requires Urgent Patch

5 December 2025

Zero-Click Agentic Browser Attack Can Delete Entire Google Drive Using Crafted Emails

5 December 2025

Like The article?

We have a lot more just for you! Lets join us now

Related post

Continue reading

Researchers Uncover 30+ Flaws in AI Coding Tools Enabling Data Theft and RCE Attacks

No Comments

Critical React2Shell Flaw Added to CISA KEV After Confirmed Active Exploitation

No Comments

Critical XXE Bug CVE-2025-66516 (CVSS 10.0) Hits Apache Tika, Requires Urgent Patch

No Comments

Have your assets been compromised by fraud or theft?

Speak to a Expert Now!