Vulnerability CVE-2016-1560

Vulnerability CVE-2016-1560

Published: 2017-04-21

Description:

ExaGrid appliances with firmware before 4.8 P26 have a default password of (1) inflection for the root shell account and (2) support for the support account in the web interface, which allows remote attackers to obtain administrative access via an SSH or HTTP session.

See advisories in our WLB2 database:

	Topic	Author	Date
Low	ExaGrid Known SSH Key / Default Password	egypt	10.04.2016

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score	Impact Subscore	Exploitability Subscore
10/10	10/10	10/10

Exploit range	Attack complexity	Authentication
Remote	Low	No required
Confidentiality impact	Integrity impact	Availability impact
Complete	Complete	Complete

Affected software
Exagrid -> Ex40000e firmware
Exagrid -> Ex32000e firmware
Exagrid -> Ex10000e firmware
Exagrid -> Ex7000 firmware
Exagrid -> Ex13000e firmware
Exagrid -> Ex3000 firmware
Exagrid -> Ex5000 firmware
Exagrid -> Ex21000e firmware

References:

http://packetstormsecurity.com/files/136634/ExaGrid-Known-SSH-Key-Default-Password.html

http://www.rapid7.com/db/modules/exploit/linux/ssh/exagrid_known_privkey

https://community.rapid7.com/community/infosec/blog/2016/04/07/r7-2016-04-exagrid-backdoor-ssh-keys-and-hardcoded-credentials

Copyright 2024, cxsecurity.com