JPCERT Confirms Active Command Injection Attacks on Array AG Gateways

Security Aid December 5, 2025

A command injection vulnerability in Array Networks AG Series secure access gateways has been exploited in the wild since August 2025, according to an alert issued by JPCERT/CC this week.
The vulnerability, which does not have a CVE identifier, was addressed by the company on May 11, 2025. It’s rooted in Array’s DesktopDirect, a remote desktop access solution that allows users to securely accessA command injection vulnerability in Array Networks AG Series secure access gateways has been exploited in the wild since August 2025, according to an alert issued by JPCERT/CC this week.
The vulnerability, which does not have a CVE identifier, was addressed by the company on May 11, 2025. It’s rooted in Array’s DesktopDirect, a remote desktop access solution that allows users to securely access The Hacker NewsRead More

About The Author

Security Aid

See author's posts

Security Aid

Related Stories

Researchers Uncover 30+ Flaws in AI Coding Tools Enabling Data Theft and RCE Attacks

Critical React2Shell Flaw Added to CISA KEV After Confirmed Active Exploitation

Attackers hit React defect as researchers quibble over proof