BridgeHead FileStore < 24A Apache Axis2 Default Credentials RCE

9.3 / 10

CRITICAL

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Description

BridgeHead FileStore versions prior to 24A (released in early 2024) expose the Apache Axis2 administration module on network-accessible endpoints with default credentials that allows unauthenticated remote attackers to execute arbitrary OS commands. Attackers can authenticate to the admin console using default credentials, upload a malicious Java archive as a web service, and execute arbitrary commands on the host via SOAP requests to the deployed service.

AI Analysis

Unauthenticated remote attackers can execute arbitrary OS commands due to default credentials exposure in Apache Axis2 administration module

Basic Information

ID CVE-2026-39920

Source VulnCheck

Published Apr 24, 2026 at 15:48

Affected Product

Vendor BridgeHead Software

Product FileStore

Affected Versions BridgeHead Software FileStore 0

CWE Classification

CWE-1188 CWE-1391

AI Assessment

AI Score 9.3 / 10

AI Severity Critical

Vendor BridgeHead Software

Product FileStore

Version < 24A

References

{
    "lastseen": "",
    "description": "BridgeHead FileStore versions prior to 24A (released in early 2024) expose the Apache Axis2 administration module on network-accessible endpoints with default credentials that allows unauthenticated remote attackers to execute arbitrary OS commands. Attackers can authenticate to the admin console using default credentials, upload a malicious Java archive as a web service, and execute arbitrary commands on the host via SOAP requests to the deployed service.",
    "published": "2026-04-24T15:48:26.059Z",
    "modified": "2026-04-24T15:48:26.059Z",
    "type": "cve",
    "title": "BridgeHead FileStore < 24A Apache Axis2 Default Credentials RCE",
    "source": "VulnCheck",
    "references": "https://gist.github.com/VAMorales/9e6a13d7529c079a363930dff48be3ba\nhttps://www.bridgeheadsoftware.com/rapid-data-protection-product-updates/\nhttps://issues.apache.org/jira/browse/AXIS2-4279\nhttps://axis.apache.org/axis2/java/core/docs/webadminguide.html\nhttps://www.vulncheck.com/advisories/bridgehead-filestore-24a-apache-axis2-default-credentials-rce",
    "id": "CVE-2026-39920",
    "bulletinFamily": "",
    "cwe": [
        "CWE-1188",
        "CWE-1391"
    ],
    "cvelist": null,
    "sourceData": "BridgeHead Software FileStore 0",
    "sourceHref": "",
    "cvss": {
        "score": 9.3,
        "severity": "CRITICAL",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "FileStore",
    "version": "0",
    "vendor": "BridgeHead Software",
    "ai_description": "Unauthenticated remote attackers can execute arbitrary OS commands due to default credentials exposure in Apache Axis2 administration module",
    "ai_severity": "Critical",
    "ai_vendor": "BridgeHead Software",
    "ai_product": "FileStore",
    "ai_version": "< 24A",
    "ai_score": 9.3
}

BridgeHead FileStore < 24A Apache Axis2 Default Credentials RCE_CVE-2026-39920