
How to remediate – SolusVM Default Administrator Credentials

1. Introduction

The SolusVM Default Administrator Credentials vulnerability involves a web application using default login details for its management interface. This allows an attacker with network access to gain full administrative control of the system. Systems running unconfigured SolusVM installations are affected, particularly those directly exposed to the internet. Successful exploitation could lead to complete compromise of confidentiality, integrity and availability.

2. Technical Explanation

The remote SolusVM install uses a default username (‘vpsadmin’) and password (‘vpsadmin’). An attacker can use these credentials to log in to the web interface and manage virtual machines hosted on the server. This requires only network access to the SolusVM management panel, typically via port 4081 or similar.

  • Root cause: The installation process does not enforce a change of default administrator credentials.
  • Exploit mechanism: An attacker attempts to log in using the ‘vpsadmin’ / ‘vpsadmin’ combination. If successful, they gain access to the SolusVM control panel and can create, modify or delete virtual machines.
  • Scope: All versions of SolusVM are potentially affected if default credentials remain unchanged.

3. Detection and Assessment

You can confirm the vulnerability by attempting to log in with the default credentials. A more thorough method involves reviewing the application configuration.

  • Quick checks: Attempt a login via the SolusVM web interface using username ‘vpsadmin’ and password ‘vpsadmin’.
  • Scanning: Nessus plugin ID 16385 may detect this vulnerability. This is an example only; results should be verified manually.
  • Logs and evidence: Check application logs for successful logins from the SolusVM interface using default credentials. Log locations vary depending on installation method.
curl -u vpsadmin:vpsadmin http://[target_ip]:4081/

4. Solution / Remediation Steps

Change the default login credentials for the SolusVM application.

4.1 Preparation

  • No services need to be stopped.
  • Roll back: Restore from the previous snapshot if issues occur.

4.2 Implementation

  1. Log in to the SolusVM control panel using the default credentials (‘vpsadmin’ / ‘vpsadmin’).
  2. Navigate to “Configuration” then “Administrators”.
  3. Select the existing administrator account.
  4. Change the password to a strong, unique value.
  5. Save the changes.

4.3 Config or Code Example

Before

Username: vpsadmin
Password: vpsadmin

After

Username: [new_username]
Password: [strong_password]

4.4 Security Practices Relevant to This Vulnerability

  • Practice 1: Enforce strong passwords for all accounts, including default ones.
  • Practice 2: Implement least privilege access control to limit the impact if an account is compromised.

4.5 Automation (Optional)

No suitable automation script exists due to the web interface requirement.

5. Verification / Validation

Confirm that login with default credentials no longer works, and that you can log in using the new credentials.

  • Post-fix check: Attempt a login via the SolusVM web interface using username ‘vpsadmin’ and password ‘vpsadmin’. The login should fail.
  • Re-test: Repeat the quick check from section 3, which should now also fail.
  • Smoke test: Verify you can log in with your new credentials and manage virtual machines as expected.
  • Monitoring: Check application logs for failed login attempts using default credentials.
curl -u vpsadmin:vpsadmin http://[target_ip]:4081/
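
The log review described under "Logs and evidence" in section 3 and "Monitoring" above can be scripted. The following is an added example, not SolusVM code or part of the original article: it classifies login events for the ‘vpsadmin’ account as before or after the remediation time. The log line layout, the `ops-admin` account and the sample lines are constructed assumptions; adapt the pattern to the log format your installation actually writes.

```python
import re
from collections import defaultdict
from datetime import datetime

DEFAULT_USER = "vpsadmin"

# Assumed layout (not SolusVM's real format):
# "<ISO time> login <success|failure> user=<name> src=<ip>"
LINE_RE = re.compile(
    r"^(?P<ts>\S+) login (?P<result>success|failure) user=(?P<user>\S+) src=(?P<src>\S+)$"
)

# Constructed sample log lines, for illustration only.
SAMPLE_LOG = """\
2023-10-26T08:01:12 login success user=vpsadmin src=203.0.113.7
2023-10-26T09:30:00 login success user=ops-admin src=198.51.100.20
2023-10-26T11:15:42 login failure user=vpsadmin src=203.0.113.7
2023-10-26T11:15:49 login failure user=vpsadmin src=203.0.113.7
2023-10-26T11:20:03 login failure user=VPSAdmin src=192.0.2.55
2023-10-26T12:00:00 login success user=vpsadmin src=192.0.2.99
malformed line that should be skipped
"""

def review_default_logins(log_text, remediated_at):
    """Classify login events for the default account relative to the fix time."""
    report = {
        "pre_fix_success": [],    # default account was in use before the change
        "post_fix_success": [],   # fix did not take effect, or was reverted
        "post_fix_failures": defaultdict(int),  # attempts per source address
        "skipped": 0,             # lines that did not match the assumed layout
    }
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            report["skipped"] += 1
            continue
        # Compare case-insensitively so variants such as 'VPSAdmin' are counted.
        if m["user"].lower() != DEFAULT_USER:
            continue
        after_fix = datetime.fromisoformat(m["ts"]) >= remediated_at
        if m["result"] == "success":
            key = "post_fix_success" if after_fix else "pre_fix_success"
            report[key].append((m["ts"], m["src"]))
        elif after_fix:
            report["post_fix_failures"][m["src"]] += 1
    return report

if __name__ == "__main__":
    r = review_default_logins(SAMPLE_LOG, datetime(2023, 10, 26, 10, 0, 0))
    print(r["pre_fix_success"], r["post_fix_success"], dict(r["post_fix_failures"]))
```

Any entry in `post_fix_success` means the default password is still accepted and the change should be re-checked. Entries in `pre_fix_success` from unfamiliar addresses are grounds to review what was done in the panel before the fix.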

6. Preventive Measures and Monitoring

Update security baselines to include a requirement to change default credentials on new installations.

  • Baselines: Update your server hardening baseline or policy to require changing default administrator passwords during initial system setup.
  • Pipelines: Include checks in deployment pipelines to verify that default accounts have been disabled or strong passwords set.
  • Asset and patch process: Regularly review new systems for unchanged default credentials as part of a vulnerability management program.

7. Risks, Side Effects, and Roll Back

Incorrectly changing the password could lock you out of the system.

  • Risk or side effect 1: Forgetting the new password will require manual intervention to reset it.
  • Roll back: Restore from the snapshot taken in section 4.1 if access is lost. If no snapshot exists, contact SolusVM support for assistance.

8. References and Resources

  • Vendor advisory or bulletin: No official advisory available as of October 26th, 2023.
  • NVD or CVE entry: No specific CVE exists for this issue.
  • Product or platform documentation relevant to the fix: SolusVM Documentation
Updated on December 27, 2025
