Silent Breach in the VPN Walls: How Hackers Exploited Array AG Series Devices to Plant Stealthy Webshells

Introduction

A quiet storm has been brewing inside enterprise VPN infrastructure. Over the past months, a dangerous command injection flaw in Array Networks’ AG Series devices has become a favored entry point for hackers looking to plant webshells, create rogue admin accounts, and slip unnoticed into corporate networks. The vulnerability, patched in May yet still lacking a formal identifier, has allowed attackers to operate with alarming ease, especially across organizations in Japan. As security teams scramble to understand the scale of exposure, the absence of a CVE has complicated tracking, reporting, and response efforts. The following report unpacks what happened, why it matters, and what organizations may be facing next.

Shadow Exploits in Array AG VPNs: How Hackers Slipped In

Japan’s Computer Emergency Response Team (JPCERT) sounded the alarm after confirming ongoing exploitation of an unassigned vulnerability in Array AG Series VPN appliances. Threat actors have quietly abused a command injection flaw to deploy PHP webshells and establish unauthorized accounts inside production environments.
The flaw resides in ArrayOS AG version 9.4.5.8 and older builds, with systems using the DesktopDirect remote access feature facing the highest risk. Attackers have reportedly been leveraging the bug since at least August, steering assaults from IP address 194.233.100[.]138.
In multiple confirmed cases, a command was executed to plant a malicious file inside the path /ca/aproxy/webapp/, giving attackers a persistent foothold capable of launching remote commands or escalating privileges. JPCERT warns that this behavior is consistent across observed incidents, indicating organized exploitation rather than isolated opportunistic attacks.
Array Networks quietly addressed the flaw in version 9.4.5.9, but without assigning a CVE or publishing a public advisory, the security community has struggled to track its spread or severity. This lack of transparency creates an unusual blind spot, leaving asset owners uncertain whether they are fully protected or unknowingly exposed.
Security researcher Yutaka Sejiyama conducted global scans and identified 1,831 active ArrayAG instances, primarily in China, Japan, and the United States. At least 11 exposed devices had DesktopDirect enabled, though Sejiyama believes the real number is likely far higher. His findings also highlight a troubling reality: because Array’s customer base is concentrated in Asia, many global security vendors have not been closely monitoring the threat.
This oversight contrasts sharply with last year’s widespread exploitation of CVE-2023-28461, another serious remote code execution flaw affecting Array Networks’ AG and vxAG products. While that incident drew global attention and rapid advisories from CISA, this newer vulnerability has unfolded more quietly, enabling attackers to operate with reduced scrutiny.
For organizations unable to patch immediately, JPCERT recommends disabling DesktopDirect entirely if unused, or filtering semicolon-containing URLs to block attempted injections. These mitigations may reduce attack surface temporarily, but the bigger challenge remains: without consistent global reporting or a standardized identifier, visibility into ongoing exploitation is dangerously limited.
Array Networks has not yet responded to inquiries regarding whether a CVE will be issued. Until clearer documentation emerges, the security burden rests heavily on local teams, researchers, and organizations directly affected.

What Undercode Says:

This incident shows a crucial weak point in enterprise cybersecurity: the moment when infrastructure vendors issue under-documented patches without a formal vulnerability identifier. A missing CVE might seem like a minor administrative gap, but in practice, it disrupts every link in the security chain.
Patch management tools rely on CVEs to map threats, risk dashboards need structured identifiers to prioritize fixes, and SOC teams need searchable references to track adversarial behavior across environments. When a flaw exists without a name, defenders fight blindfolded.
The exploitation of Array AG devices also reflects a larger global imbalance in threat monitoring. Technologies heavily adopted in Asia often receive less attention from Western security vendors, creating pockets of vulnerability where attackers can operate with reduced oversight. The fact that most observed attacks are concentrated in Japan reinforces how adversaries exploit regional blind spots.
Another concerning element is the simplicity of the exploitation path. A command injection leading to a PHP webshell placement inside a predictable directory makes for an exceptionally reliable attack chain. It allows adversaries to maintain long-term persistence with minimal effort, while also enabling lateral movement if the VPN gateway sits adjacent to internal management networks.

The

Security researchers like Sejiyama offer a critical service by uncovering real-world exposure that organizations may not realize exists. His scan showing at least 11 DesktopDirect-enabled hosts is just the visible portion. Many companies deploy these systems in remote branches, legacy data centers, or unmanaged third-party service networks, where updates lag behind by months.
This scenario underscores a core lesson: VPN appliances remain one of the most dangerous single points of failure in modern enterprises. When compromised, attackers bypass frontline defenses and often enter directly into the trust zone of internal systems.
Given the significant overlap with previous Array exploitation campaigns, defenders should not treat this as an isolated event. Instead, it should be seen as part of a recurring pattern where niche remote-access platforms become targets of stealthy exploitation waves.
The absence of a CVE is not simply a missing number. It is a missing beacon that helps defenders correlate logs, threat reports, signatures, and incident investigations. Without it, the global security community effectively operates with one eye closed.
Organizations using Array AG appliances must ensure they have visibility into both patch levels and DesktopDirect configurations. Any device running versions older than 9.4.5.9 should be treated as potentially compromised until proven otherwise through full forensic inspection.
Given the confirmed presence of planted webshells, defenders should check execution logs, unexpected admin accounts, anomalous file changes, and outbound traffic to suspicious IP ranges. In many cases, VPN appliances lack sufficient built-in logging for deep analysis, requiring external monitoring or packet inspection solutions.
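The JPCERT mitigations above (filter semicolon-containing URLs, patch to 9.4.5.9) and the hunting advice in this paragraph can be turned into a first-pass triage script. This is an added example, not code from JPCERT, Array Networks or the article; the log line format is a constructed stand-in for whatever an ArrayOS export or reverse-proxy log actually produces, and the file name in the sample is invented.

```python
import re

# Indicators quoted in the article: the reported source IP and the directory
# where webshells were planted. The version threshold is the patched build.
KNOWN_BAD_IPS = {"194.233.100.138"}
WEBSHELL_DIR = "/ca/aproxy/webapp/"
PATCHED_VERSION = (9, 4, 5, 9)

# Assumed (constructed) access-log format: "<client_ip> <method> <url> <status>".
LOG_RE = re.compile(r"^(\S+) (\S+) (\S+) (\d{3})$")


def parse_version(text):
    """Parse a dotted numeric ArrayOS version string into a comparable tuple."""
    return tuple(int(part) for part in text.strip().split("."))


def is_vulnerable_version(text):
    """True for any build older than the patched 9.4.5.9 release."""
    return parse_version(text) < PATCHED_VERSION


def classify(line):
    """Return a finding dict for one log line, or None if it does not parse."""
    match = LOG_RE.match(line.strip())
    if not match:
        return None
    ip, _method, url, _status = match.groups()
    reasons = []
    if ip in KNOWN_BAD_IPS:
        reasons.append("known-source-ip")
    if ";" in url:  # the pattern JPCERT suggests filtering at the edge
        reasons.append("semicolon-in-url")
    if WEBSHELL_DIR in url and url.lower().endswith(".php"):
        reasons.append("php-under-webapp-dir")
    return {"ip": ip, "url": url, "reasons": reasons}


def triage(lines):
    """Keep only lines that carry at least one reason for analyst review."""
    return [hit for hit in map(classify, lines) if hit and hit["reasons"]]


# Constructed sample log: one benign request, one request from the reported
# IP with a semicolon in the URL, one POST to an invented PHP file under the
# webshell directory, and one harmless 404 on the directory itself.
SAMPLE_LOG = [
    "10.0.0.5 GET /portal/login 200",
    "194.233.100.138 GET /dd/index.html?x=1;test 200",
    "10.0.0.7 POST /ca/aproxy/webapp/hypothetical.php 200",
    "10.0.0.9 GET /ca/aproxy/webapp/ 404",
]

if __name__ == "__main__":
    for hit in triage(SAMPLE_LOG):
        print(hit["ip"], hit["url"], ",".join(hit["reasons"]))
```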
Most importantly, the industry must advocate for stronger transparency from vendors supplying core network infrastructure. Silent patches leave defenders in the dark, and attackers thrive whenever that happens.

🔍 Fact Checker Results

The vulnerability was actively exploited and confirmed by JPCERT, which reported webshell placement attempts. ✅

Array Networks issued a fix in version 9.4.5.9, though no CVE identifier is currently assigned. ❌

Global scans confirm over 1,800 exposed ArrayAG instances worldwide, primarily in Asia. ✅

📊 Prediction

Attackers will likely expand operations beyond Japan as awareness of the exploit grows. 🌐
Vendors may be pressured to assign a CVE and publish a full advisory because enterprise customers will demand clarity. 📢
Security researchers will continue discovering additional vulnerable hosts as scans intensify, revealing a broader global footprint. 🔍


References:

Reported By: www.bleepingcomputer.com