Vulnerability Description
Siklu TG Terragraph devices before 2.1.1 allow attackers to discover valid, randomly generated credentials via GetCredentials.
CVSS Score
7.5
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Siklu | Tg Firmware | < 2.1.1 |
| Siklu | Tg Lr T280 | - |
| Siklu | Tg Mpl-261 | - |
| Siklu | Tg N265 | - |
| Siklu | Tg N366 | - |
| Siklu | Tg N367 | - |
| Siklu | Tg T260 | - |
| Siklu | Tg T261 | - |
| Siklu | Tg T265 | - |
Related Weaknesses (CWE)
References
- https://semaja2.net/2023/06/11/siklu-tg-auth-bypass.htmlExploitThird Party Advisory
- https://semaja2.net/2023/06/11/siklu-tg-auth-bypass.htmlExploitThird Party Advisory
FAQ
What is CVE-2022-47037?
CVE-2022-47037 is a vulnerability with a CVSS score of 7.5 (HIGH). Siklu TG Terragraph devices before 2.1.1 allow attackers to discover valid, randomly generated credentials via GetCredentials.
How severe is CVE-2022-47037?
CVE-2022-47037 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-47037?
Check the references section above for vendor advisories and patch information. Affected products include: Siklu Tg Firmware, Siklu Tg Lr T280, Siklu Tg Mpl-261, Siklu Tg N265, Siklu Tg N366.