CVE-2016-1560

critical-risk

Published 2017-04-21

ExaGrid appliances with firmware before 4.8 P26 have a default password of (1) inflection for the root shell account and (2) support for the support account in the web interface, which allows remote attackers to obtain administrative access via an SSH or HTTP session.

Do I need to act?

81.7% chance of exploitation in next 30 days

EPSS score — higher than 18% of all CVEs

Not on CISA KEV list

No confirmed active exploitation reported to CISA

1 public exploit available

41680

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 9.8/10 Critical

NETWORK / LOW complexity

Affected Products (8)

Ex21000E Firmware

Ex32000E Firmware

Ex40000E Firmware

Ex3000 Firmware

Ex5000 Firmware

Ex7000 Firmware

Ex10000E Firmware

Ex13000E Firmware

Affected Vendors

Exagrid

References (6)

Exploit http://packetstormsecurity.com/files/136634/ExaGrid-Known-SSH-Key-Default-Passwo...

Third Party Advisory http://www.rapid7.com/db/modules/exploit/linux/ssh/exagrid_known_privkey

Exploit https://community.rapid7.com/community/infosec/blog/2016/04/07/r7-2016-04-exagri...

Exploit http://packetstormsecurity.com/files/136634/ExaGrid-Known-SSH-Key-Default-Passwo...

Third Party Advisory http://www.rapid7.com/db/modules/exploit/linux/ssh/exagrid_known_privkey

Exploit https://community.rapid7.com/community/infosec/blog/2016/04/07/r7-2016-04-exagri...

/ 100

critical-risk

Severity 32/34 · Critical

Exploitability 27/34 · High

Exposure 14/34 · Moderate