top of page
perceptive_background_267k.jpg

Array Networks ArrayOS AG contains an OS command injection vulnerability that could allow an attacker to execute arbitrary commands.

Published:

8 December 2025 at 00:00:00

Alert date:

8 December 2025 at 19:01:12

Source:

cisa.gov

Click to open the original link from this advisory

Array Networks ArrayOS AG contains an OS command injection vulnerability (CVE-2025-66644) that allows attackers to execute arbitrary commands on affected systems. This vulnerability poses a high security risk as it enables remote code execution. The vulnerability affects Array Networks' ArrayOS AG platform. Security advisories have been published by JPCERT and Array Networks provides support information through their portal. Given the nature of command injection vulnerabilities and their potential for system compromise, this issue requires immediate attention and patching.

Technical details

Mitigation steps:

Affected products:

Array Networks ArrayOS AG

Related links:

https://www.jpcert.or.jp/at/2025/at250024.html
https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/ag.html
https://nvd.nist.gov/vuln/detail/CVE-2025-66644

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page