CVE-2016-1560

CRITICAL

ExaGrid <4.8 P26 - Auth Bypass

Title source: llm

Description

ExaGrid appliances with firmware before 4.8 P26 have a default password of (1) "inflection" for the root shell account and (2) "support" for the support account in the web interface, which allows remote attackers to obtain administrative access via an SSH or HTTP session.

Exploits (1)

exploitdb WORKING POC
ruby, remote, linux
https://www.exploit-db.com/exploits/41680

Scores

CVSS v3 9.8
EPSS 0.8167
EPSS Percentile 99.2%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-798
Status published
Products (8)
exagrid/ex10000e_firmware 4.8
exagrid/ex13000e_firmware 4.8
exagrid/ex21000e_firmware 4.8
exagrid/ex3000_firmware 4.8
exagrid/ex32000e_firmware 4.8
exagrid/ex40000e_firmware 4.8
exagrid/ex5000_firmware 4.8
exagrid/ex7000_firmware 4.8
Published Apr 21, 2017
Tracked Since Feb 18, 2026