CVE-2024-58300

UNKNOWN 0.0

Siklu MultiHaul TG Series < 2.0.0 Unauthenticated Credential Disclosure Vulnerability

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

Siklu MultiHaul TG series devices before version 2.0.0 contain an unauthenticated vulnerability that allows remote attackers to retrieve randomly generated credentials via a network request. Attackers can send a specific hex-encoded command to port 12777 to obtain username and password, enabling direct SSH access to the device.

CWE	CWE-306
Vendor	siklu
Product	multihaul tg series
Published	Dec 11, 2025
Last Updated	Apr 7, 2026

Stay Ahead of the Next One

Get instant alerts for siklu multihaul tg series

Be the first to know when new unknown vulnerabilities affecting siklu multihaul tg series are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Siklu / MultiHaul TG series

2.0.0

References

NVD ↗ CVE.org ↗ EPSS Data ↗

exploit-db.com: https://www.exploit-db.com/exploits/51932 siklu.com: https://siklu.com/ vulncheck.com: https://www.vulncheck.com/advisories/siklu-multihaul-tg-series-unauthenticated-credential-disclosure-vulnerability

Credits

semaja2