CVE-2014-125121

Public Exploit
Array Networks vAPV and vxAG Default Credential Privilege Escalation

Description

Array Networks vAPV (version 8.3.2.17) and vxAG (version 9.2.0.34) appliances are affected by a privilege escalation vulnerability caused by a combination of hardcoded SSH credentials (or SSH private key) and insecure permissions on a startup script. The devices ship with a default SSH login or a hardcoded DSA private key, allowing an attacker to authenticate remotely with limited privileges. Once authenticated, an attacker can overwrite the world-writable /ca/bin/monitor.sh script with arbitrary commands. Since this script is executed with elevated privileges through the backend binary, enabling the debug monitor via backend -c "debug monitor on" triggers execution of the attacker's payload as root. This allows full system compromise.
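
The root cause described above is a script that a privileged process runs but that any local user can modify. The following is an added defensive audit example, not code from the vendor or the advisory; the function names and finding labels are hypothetical, and the path to check (for instance the /ca/bin/monitor.sh script named above) is supplied by the caller.

```shell
#!/bin/sh
# Added example: flag a script that a privileged process executes but that
# unprivileged users can modify. Function names and labels are hypothetical.

# is_world_writable PATH -> succeeds if the "other" write bit is set on PATH.
is_world_writable() {
    [ -n "$(find "$1" -prune -perm -0002 -print 2>/dev/null)" ]
}

# audit_privileged_script PATH
# Prints one finding per line.
# Returns 0 if clean, 1 if any finding, 2 if PATH does not exist.
audit_privileged_script() {
    script=$1
    findings=0
    if [ ! -e "$script" ]; then
        echo "MISSING $script"
        return 2
    fi
    # Anyone can rewrite the file contents directly.
    if is_world_writable "$script"; then
        echo "WORLD-WRITABLE-FILE $script"
        findings=1
    fi
    dir=$(dirname -- "$script")
    # A world-writable directory without the sticky bit lets any user
    # delete and recreate the file even when the file itself is read-only.
    if is_world_writable "$dir" &&
       [ -z "$(find "$dir" -prune -perm -1000 -print 2>/dev/null)" ]; then
        echo "WORLD-WRITABLE-DIR $dir"
        findings=1
    fi
    return "$findings"
}
```

A non-zero return for any script invoked by a root-owned service means the file or its directory should be restricted to root-only write access.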

CVSS: 10.0 (CVSS 4.0)
Severity: Critical
EPSS: 0.05%
Third-Party Advisory vulncheck.com
Affected: Array Networks vAPV
Affected: Array Networks vxAG

Frequently Asked Questions

What is the severity of CVE-2014-125121?
CVE-2014-125121 has been scored as a critical severity vulnerability.
How to fix CVE-2014-125121?
To fix CVE-2014-125121, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. For now, no other specific guidelines are available.
Is CVE-2014-125121 being actively exploited in the wild?
It is possible that CVE-2014-125121 is being exploited or will be exploited in the near future based on public information. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2014-125121?
CVE-2014-125121 affects Array Networks vAPV, Array Networks vxAG.