CVE-2024-58300

Siklu MultiHaul TG Series < 2.0.0 Unauthenticated Credential Disclosure Vulnerability

Description

Siklu MultiHaul TG series devices before version 2.0.0 contain an unauthenticated vulnerability that allows remote attackers to retrieve randomly generated credentials via a network request. Attackers can send a specific hex-encoded command to port 12777 to obtain username and password, enabling direct SSH access to the device.

INFO

Published Date :

2025-12-11T21:39:32.964Z

Last Modified :

2026-04-07T14:08:44.659Z

Source :

VulnCheck

AFFECTED PRODUCTS

The following products are affected by CVE-2024-58300 vulnerability.

Vendors	Products
Siklu	Multihaul Tg Series

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-58300.

URL	Resource
https://siklu.com/
https://www.exploit-db.com/exploits/51932
https://www.vulncheck.com/advisories/siklu-multihaul-tg-series-unauthenticated-credential-disclosure-vulnerability

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Attack Requirements

Privileges Required

User Interaction

VS Confidentiality

VS Integrity

VS Availability

SS Confidentiality

SS Integrity

SS Availability