{"id":226523,"date":"2025-12-05T00:27:11","date_gmt":"2025-12-05T06:27:11","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2025\/12\/hackers-are-exploiting-arrayos-ag-vpn-flaw-to-plant-webshells"},"modified":"2025-12-05T00:27:11","modified_gmt":"2025-12-05T06:27:11","slug":"hackers-are-exploiting-arrayos-ag-vpn-flaw-to-plant-webshells","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2025\/12\/hackers-are-exploiting-arrayos-ag-vpn-flaw-to-plant-webshells","title":{"rendered":"Hackers are exploiting ArrayOS AG VPN flaw to plant webshells"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/hackers-are-exploiting-arrayos-ag-vpn-flaw-to-plant-webshells.jpg\"><\/a><\/p>\n<p>Threat actors have been exploiting a command injection vulnerability in Array AG Series VPN devices to plant webshells and create rogue users.<\/p>\n<p>Array Networks fixed the vulnerability in a May security update, but has not assigned an identifier, complicating efforts to track the flaw and patch management.<\/p>\n<p>An <a href=\"http:\/\/www.jpcert.or.jp\/at\/2025\/at250024.html\" target=\"_blank\" rel=\"nofollow noopener\">advisory<\/a> from Japan\u2019s Computer Emergency and Response Team (CERT) warns that hackers have been exploiting the vulnerability since at least August in attacks targeting organizations in the country.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Threat actors have been exploiting a command injection vulnerability in Array AG Series VPN devices to plant webshells and create rogue users. Array Networks fixed the vulnerability in a May security update, but has not assigned an identifier, complicating efforts to track the flaw and patch management. An advisory from Japan\u2019s Computer Emergency and Response [\u2026]<\/p>\n","protected":false},"author":427,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1523,1492],"tags":[],"class_list":["post-226523","post","type-post","status-publish","format-standard","hentry","category-computing","category-security"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/226523","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/427"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=226523"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/226523\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=226523"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=226523"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=226523"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}