ArrayOS AG VPN Breach: Webshells and the Missing CVE
Active exploitation of a severe command injection vulnerability discovered in Array Networks AG Series VPN devices. Threat actors are utilizing this flaw, which specifically targets the DesktopDirect remote access feature, to execute arbitrary commands and establish persistent control over internal networks by installing PHP webshells. Security researchers have noted that the lack of a formal CVE identifier complicates risk tracking and prioritization, even though patching recommendations and temporary workarounds have been urgently issued by organizations like JPCERT. The text concludes with a service pitch from Technijian, a managed IT provider, offering vulnerability assessment, security hardening, and incident response solutions to help regional clients mitigate this specific VPN security crisis and other remote access threats.
