This vulnerability chain in Riverbed SteelCentral NetExpress 10.8.7 involves an authenticated SQL injection (CWE-89) in the login API endpoint that enables attacker-controlled creation of a new user. The attacker then leverages a command injection flaw (CWE-78) in the licenses page to execute arbitrary commands. Privilege escalation to root is possible due to an insecure sudoers configuration (CWE-306) allowing the 'mazu' user to execute commands as root, combined with SSH key extraction and command chaining (CWE-266). The CVSS 4.0 base score is 10.0 (critical), reflecting network attack vector, no required privileges or user interaction, and high impact on confidentiality, integrity, availability, and security requirements. The vulnerability affects version 10.8.7 of the product. No patch or official remediation guidance is currently available.

Successful exploitation grants an attacker full remote root access to the SteelCentral NetExpress virtual appliance, enabling complete control over the system. This includes the ability to create new user accounts, execute arbitrary commands, and escalate privileges to root. The impact is critical, potentially compromising the confidentiality, integrity, and availability of the appliance and any data or services it manages.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, restrict access to the affected endpoints to trusted users only and monitor for suspicious activity related to user creation and command execution. Consider disabling or restricting the 'mazu' user and reviewing sudoers configurations to limit privilege escalation opportunities.