CVE-2022-47037
18.03.2024, 03:15
Siklu TG Terragraph devices before 2.1.1 allow attackers to discover valid, randomly generated credentials via GetCredentials.Enginsight
| Vendor | Product | Version |
|---|---|---|
| siklu | tg_firmware | 𝑥 < 2.1.1 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-522 - Insufficiently Protected CredentialsThe product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.
- CWE-284 - Improper Access ControlThe software does not restrict or incorrectly restricts access to a resource from an unauthorized actor.