CVE-2014-125121

Exploit

EPSS 45.32%
Veröffentlicht 31.07.2025 14:52:45
Zuletzt bearbeitet 31.07.2025 18:42:37
Quelle disclosure@vulncheck.com
Teams Watchlist Login
Unerledigt Login

Array Networks vAPV (version 8.3.2.17) and vxAG (version 9.2.0.34) appliances are affected by a privilege escalation vulnerability caused by a combination of hardcoded SSH credentials (or SSH private key) and insecure permissions on a startup script. The devices ship with a default SSH login or a hardcoded DSA private key, allowing an attacker to authenticate remotely with limited privileges.


Once authenticated, an attacker can overwrite the world-writable /ca/bin/monitor.sh script with arbitrary commands. Since this script is executed with elevated privileges through the backend binary, enabling the debug monitor via backend -c "debug monitor on" triggers execution of the attacker's payload as root. This allows full system compromise.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 2 Referenzen 7

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerArray Networks

≫

Produkt vAPV

Default Statusunknown

Version 8.3.2.17

Status affected

HerstellerArray Networks

≫

Produkt vxAG

Default Statusunknown

Version 9.2.0.34

Status affected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	45.32%	0.974

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
disclosure@vulncheck.com	10	0	0	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CWE-732 Incorrect Permission Assignment for Critical Resource

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

CWE-798 Use of Hard-coded Credentials

The product contains hard-coded credentials, such as a password or cryptographic key.

https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/unix/ssh/array_vxag_vapv_privkey_privesc.rb

https://packetstorm.news/files/id/125761

https://www.exploit-db.com/exploits/32440

https://www.vulncheck.com/advisories/array-networks-vapv-vxag-default-credential-privilege-escalation

https://nvd.nist.gov/vuln/detail/CVE-2014-125121

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2014-125121

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2014-125121

EUVD