Array Networks vxAG/xAPV Authentication Bypass Vulnerabilities

This host is running Array Networks vxAG/xAPV and is prone to authentication bypass vulnerabilities.
Successful exploitation will allow attacker to gain unauthorized root access to affected devices and completely compromise the devices. Impact Level: System/Application
No Solution is available as of 20th March, 2014. Information regarding this issue will be updated once the solution details are available. For more information refer to
Multiple flaws are due to - The program using insecure world writable permissions for the '/ca/bin/' file. - The 'mfg' account has a password of 'mfg' and the 'sync' account has a password of 'click1', which is publicly known and documented. - If a remote attacker has explicit knowledge of the SSH keys they can potentially gain privileged access to the device.
Array Networks vxAG and vAPV appliances
Send a default SSH credentials and check whether it is possible to login to the target machine