Vulnerability Details CVE-2016-1561
ExaGrid appliances with firmware before 4.8 P26 have a default SSH public key in the authorized_keys file for root, which allows remote attackers to obtain SSH access by leveraging knowledge of a private key from another installation or a firmware image.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.844
EPSS Ranking 99.3%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- http://packetstormsecurity.com/files/136634/ExaGrid-Known-SSH-Key-Default-Password.html
- http://www.rapid7.com/db/modules/exploit/linux/ssh/exagrid_known_privkey
- https://community.rapid7.com/community/infosec/blog/2016/04/07/r7-2016-04-exagrid-backdoor-ssh-keys-and-hardcoded-credentials
- http://packetstormsecurity.com/files/136634/ExaGrid-Known-SSH-Key-Default-Password.html
- http://www.rapid7.com/db/modules/exploit/linux/ssh/exagrid_known_privkey
- https://community.rapid7.com/community/infosec/blog/2016/04/07/r7-2016-04-exagrid-backdoor-ssh-keys-and-hardcoded-credentials
Products affected by CVE-2016-1561
-
cpe:2.3:h:exagrid:ex10000e:-
-
cpe:2.3:h:exagrid:ex13000e:-
-
cpe:2.3:h:exagrid:ex21000e:-
-
cpe:2.3:h:exagrid:ex3000:-
-
cpe:2.3:h:exagrid:ex32000e:-
-
cpe:2.3:h:exagrid:ex40000e:-
-
cpe:2.3:h:exagrid:ex5000:-
-
cpe:2.3:h:exagrid:ex7000:-
-
cpe:2.3:o:exagrid:ex10000e_firmware:4.8
-
cpe:2.3:o:exagrid:ex13000e_firmware:4.8
-
cpe:2.3:o:exagrid:ex21000e_firmware:4.8
-
cpe:2.3:o:exagrid:ex3000_firmware:4.8
-
cpe:2.3:o:exagrid:ex32000e_firmware:4.8
-
cpe:2.3:o:exagrid:ex40000e_firmware:4.8
-
cpe:2.3:o:exagrid:ex5000_firmware:4.8
-
cpe:2.3:o:exagrid:ex7000_firmware:4.8