CVE-2016-1561

Name of the Vulnerable Software and Affected Versions ExaGrid appliances versions prior to 4.8 P26

Description The issue allows remote attackers to obtain SSH access by leveraging knowledge of a private key from another installation or a firmware image, due to a default SSH public key in the authorized keys file for root.

Recommendations For versions prior to 4.8 P26, update the firmware to version 4.8 P26 or later to resolve the issue. As a temporary workaround, consider removing the default SSH public key from the authorized keys file for root to prevent unauthorized access.