QwikSec

Security Database

CVE

CWE

Training

CVE-2016-1560

Published: Apr 21, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

ExaGrid appliances with firmware before 4.8 P26 have a default password of (1) inflection for the root shell account and (2) support for the support account in the web interface, which allows remote attackers to obtain administrative access via an SSH or HTTP session.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://packetstormsecurity.com/files/136634/ExaGrid-Known-SSH-Key-Default-Password.html

x_refsource_MISC

https://community.rapid7.com/community/infosec/blog/2016/04/07/r7-2016-04-exagrid-backdoor-ssh-keys-and-hardcoded-credentials

x_refsource_MISC

http://www.rapid7.com/db/modules/exploit/linux/ssh/exagrid_known_privkey

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.