Browse all 4 CVE security advisories affecting A10. AI-powered Chinese analysis, POCs, and references for each vulnerability.
A10 Networks develops application delivery and security solutions, primarily used for DDoS mitigation, web application firewalling, and traffic management. Historically, vulnerabilities in A10 products have commonly included remote code execution, cross-site scripting, and privilege escalation flaws. The company's devices have been targeted in various attacks, with several critical vulnerabilities allowing unauthenticated attackers to take complete control of affected systems. A10's security track record shows recurring issues in input validation and access control, with multiple CVEs over the years exposing risks in their ADC and Thunder products. While the company has released patches for these vulnerabilities, the consistent pattern of similar flaws remains a concern for enterprise deployments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-30369 | A10 Thunder ADC Incorrect Permission Assignment Local Privilege Escalation Vulnerability — Thunder ADCCWE-732 | 7.8AI | HighAI | 2024-06-06 |
| CVE-2024-30368 | A10 Thunder ADC CsrRequestView Command Injection Remote Code Execution Vulnerability — Thunder ADCCWE-78 | 8.8AI | HighAI | 2024-06-06 |
| CVE-2023-42130 | A10 Thunder ADC FileMgmtExport Directory Traversal Arbitrary File Read and Deletion Vulnerability — Thunder ADCCWE-22 | 8.8 | - | 2024-05-03 |
| CVE-2023-42129 | A10 Thunder ADC ShowTechDownloadView Directory Traversal Information Disclosure Vulnerability — Thunder ADCCWE-22 | 6.5 | - | 2024-05-03 |
This page lists every published CVE security advisory associated with A10. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.