CVE-2022-43308

CVE Database · CVE-2022-43308

· HIGHModified

CVSS v3.1

7.8

EPSS

0.28%

Published

Nov 18, 2022

Modified

Apr 30, 2025

Public PoC / Exploit (1)

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

INTELBRAS SG 2404 MR 20180928-rel64938 allows authenticated attackers to arbitrarily create Administrator accounts via crafted user cookies.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-269CWE-269

Affected Products (4)

intelbras · sg_2404_poe_firmwarevulnerable

intelbras · sg_2404_poe

intelbras · sg_2404_mr_firmwarevulnerable

intelbras · sg_2404_mr

References (4)

ExploitThird Party Advisory

Product

ExploitThird Party Advisory

Product