CVE-2009-3710

RioRey RIOS 4.6.6 and 4.7.0 - Unauthenticated Privilege Escalation via Hardcoded SSH Credentials

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-3710. PoCs published by Marek Kroemeke.

AI-analyzed exploit summary This exploit leverages a hardcoded SSH credential (username: dbadmin, password: sq!us3r) on port 8022 to gain root access to Riorey DDoS mitigation appliances running vulnerable RIOS versions. The outdated Linux kernel (2.6.16.6) allows privilege escalation post-authentication.

Description

RioRey RIOS 4.6.6 and 4.7.0 uses an undocumented, hard-coded username (dbadmin) and password (sq!us3r) for an SSH tunnel, which allows remote attackers to gain privileges via port 8022.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Marek Kroemeke · textremotehardware
https://www.exploit-db.com/exploits/9858

This exploit leverages a hardcoded SSH credential (username: dbadmin, password: sq!us3r) on port 8022 to gain root access to Riorey DDoS mitigation appliances running vulnerable RIOS versions. The outdated Linux kernel (2.6.16.6) allows privilege escalation post-authentication.

Classification
Working Poc 100%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: Riorey RIOS 4.6.6, 4.7.0 (possibly others)
No auth needed
Prerequisites: Network access to port 8022 on the target device
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/58858
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/36971

Scores

EPSS 0.0850
EPSS Percentile 94.4%

Details

CWE
CWE-255
Status published
Products (2)
riorey/rios 4.6.6
riorey/rios 4.7.0
Published Oct 16, 2009
Tracked Since Feb 18, 2026