High severity7.5NVD Advisory· Published Apr 21, 2017· Updated Jun 17, 2026
CVE-2016-1561
CVE-2016-1561
Description
ExaGrid appliances with firmware before 4.8 P26 have a default SSH public key in the authorized_keys file for root, which allows remote attackers to obtain SSH access by leveraging knowledge of a private key from another installation or a firmware image.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9cpe:2.3:o:exagrid:ex10000e_firmware:4.8:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:o:exagrid:ex10000e_firmware:4.8:*:*:*:*:*:*:*
- cpe:2.3:o:exagrid:ex13000e_firmware:4.8:*:*:*:*:*:*:*
- cpe:2.3:o:exagrid:ex40000e_firmware:4.8:*:*:*:*:*:*:*
- cpe:2.3:o:exagrid:ex7000_firmware:4.8:*:*:*:*:*:*:*
- cpe:2.3:o:exagrid:ex21000e_firmware:4.8:*:*:*:*:*:*:*
- cpe:2.3:o:exagrid:ex3000_firmware:4.8:*:*:*:*:*:*:*
- cpe:2.3:o:exagrid:ex32000e_firmware:4.8:*:*:*:*:*:*:*
- cpe:2.3:o:exagrid:ex5000_firmware:4.8:*:*:*:*:*:*:*
- Range: <4.8 P26
Patches
Vulnerability mechanics
References
3- packetstormsecurity.com/files/136634/ExaGrid-Known-SSH-Key-Default-Password.htmlnvdExploitThird Party AdvisoryVDB Entry
- community.rapid7.com/community/infosec/blog/2016/04/07/r7-2016-04-exagrid-backdoor-ssh-keys-and-hardcoded-credentialsnvdExploitMitigationThird Party Advisory
- www.rapid7.com/db/modules/exploit/linux/ssh/exagrid_known_privkeynvdThird Party Advisory
News mentions
0No linked articles in our index yet.