Full title: Quantum vmPRO - Backdoor Command Exploit 
Category: remote exploits
Platform: unix
Quantum ships a public/private key pair on DXi V1000 2.2.1 appliances that allows passwordless authentication to any other DXi box. Since the key is easily retrievable, an attacker can use it to gain unauthorized remote access as root.

# 0day.today @ http://0day.today/