Sam Wong

**Name of the Vulnerable Software and Affected Versions** A10 Networks ACOS versions 3.2.x (including and after 3.2.2), 4.x, and 5.1.x aGalaxy versions 3.0.x, 3.2.x, and 5.0.x **Description** A10 Networks ACOS and aGalaxy management Graphical User Interfaces (GUIs) have an unauthenticated Remote Code Execution (RCE) vulnerability that could be used to compromise affected ACOS systems. **Recommendations** For A10 Networks ACOS versions 3.2.x (including and after 3.2.2), 4.x, and 5.1.x, update to a version that includes the fix for this issue. For aGalaxy versions 3.0.x, 3.2.x, and 5.0.x, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting access to the management GUIs until a patch is available.