Attack

Active exploitation reported of command injection flaw in Array Networks AG Series VPN gateways

Take action: If you have Array AG Series access gateways, plan an urgent update to ArrayOS AG version 9.4.5.9. These devices are being actively exploited, and they can't be hidden from the internet: they are designed to be accessible from it. If you can't update right away, disable the DesktopDirect feature or apply URL filtering to block semicolons in URLs. Check your systems for webshells, unauthorized accounts, or any other suspicious activity.


Learn More

Array Networks has patched a critical command injection vulnerability in its Array AG Series secure access gateways that has been actively exploited in the wild since August 2025.

The vulnerability (no CVE assigned) allows authenticated and potentially unauthenticated attackers to execute arbitrary commands on vulnerable systems through exploitation of a flaw in the DesktopDirect feature, a remote desktop access solution that is part of the Array AG Series product. The vulnerability affects all ArrayOS AG installations running version 9.4.5.8 and earlier, especially those with the DesktopDirect remote access feature enabled. This impacts both hardware appliances and virtual instances of the Array AG Series.

Array Networks released a fix in May 2025 in ArrayOS AG version 9.4.5.9, but a significant number of unpatched instances has left enterprise systems exposed to active attacks.

Scanning efforts by security researcher Yutaka Sejiyama of Macnica have identified approximately 1,831 Array AG instances worldwide, concentrated primarily in China, Japan, and the United States. At least 11 hosts have been verified to have the DesktopDirect feature active, though the actual number of vulnerable systems is likely significantly higher. Array Networks has addressed this vulnerability in an update which is now available for download. However, many organizations have not yet applied it, leaving critical infrastructure exposed.

Japan's Computer Emergency Response Team Coordination Center (JPCERT/CC) has confirmed multiple incidents targeting Japanese organizations beginning in August 2025. 

In these attacks, threat actors exploited the command injection flaw to install PHP webshells in paths containing "/ca/aproxy/webapp/", providing persistent remote access to compromised systems. The malicious activity also included the creation of unauthorized user accounts on the affected devices and subsequent lateral movement into internal networks. All confirmed attack traffic has originated from the IP address 194.233.100[.]138. 

All organizations using Array AG Series access gateways should update them immediately.

Organizations unable to immediately apply the patched version should either disable the DesktopDirect feature or implement URL filtering to block access to URLs containing semicolon characters (";").

JPCERT/CC warns that organizations should investigate their systems for signs of compromise, particularly checking for webshell installations, unauthorized user accounts, and suspicious network activity originating from the identified IP address.
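As an added example (not from the article, JPCERT/CC, or Array Networks), the following Python script triages web access logs for the three indicators the article gives: semicolons in request URLs (including percent-encoded ones, which a URL filter that only inspects the raw string would miss), PHP files under a "/ca/aproxy/webapp/" path, and requests from the reported source IP. The Common Log Format and the sample lines are constructed assumptions; the actual log format on an ArrayOS device may differ.

```python
import re
from urllib.parse import unquote

# Indicators taken from the JPCERT/CC-reported activity described above.
KNOWN_SOURCE_IP = "194.233.100.138"      # refanged from 194.233.100[.]138
WEBSHELL_PATH_FRAGMENT = "/ca/aproxy/webapp/"

# Minimal Common Log Format parser: client IP, method, request target, status.
CLF_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})')

def classify_request(ip, target):
    """Return the list of indicators that match one request (empty if clean)."""
    reasons = []
    # Decode once so a percent-encoded semicolon (%3B) is not missed; a URL
    # filter that only looks at the raw string has the same blind spot.
    decoded = unquote(target)
    if ";" in decoded:
        reasons.append("semicolon in URL")
    if WEBSHELL_PATH_FRAGMENT in decoded.lower() and ".php" in decoded.lower():
        reasons.append("PHP file under webshell path")
    if ip == KNOWN_SOURCE_IP:
        reasons.append("known attacker source IP")
    return reasons

def triage(log_text):
    """Parse CLF lines and return (line_number, ip, target, reasons) for suspicious ones."""
    hits = []
    for lineno, line in enumerate(log_text.splitlines(), 1):
        m = CLF_RE.match(line)
        if not m:
            continue  # skip unparseable lines rather than silently treating them as clean
        reasons = classify_request(m["ip"], m["target"])
        if reasons:
            hits.append((lineno, m["ip"], m["target"], reasons))
    return hits

# Constructed sample lines for demonstration; not captured from a real device.
SAMPLE_LOG = """\
10.0.0.5 - - [03/Sep/2025:10:01:02 +0000] "GET /portal/login HTTP/1.1" 200 512
194.233.100.138 - - [03/Sep/2025:10:01:09 +0000] "GET /ca/aproxy/webapp/example.php HTTP/1.1" 200 91
10.0.0.7 - - [03/Sep/2025:10:02:11 +0000] "GET /portal/view;x HTTP/1.1" 200 120
10.0.0.9 - - [03/Sep/2025:10:03:30 +0000] "GET /portal/view%3Bx HTTP/1.1" 200 44
10.0.0.8 - - [03/Sep/2025:10:04:00 +0000] "GET /static/app.js HTTP/1.1" 200 9000
"""

if __name__ == "__main__":
    for lineno, ip, target, reasons in triage(SAMPLE_LOG):
        print(f"line {lineno}: {ip} {target} -> {', '.join(reasons)}")
```

A hit on the semicolon rule alone is a lead, not proof of compromise; confirm by checking the device's filesystem for the webshell and its user database for accounts nobody created.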