// For flags

CVE-2022-47767

 

Severity Score

9.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

Attend
*SSVC
Descriptions

A backdoor in Solar-Log Gateway products allows remote access via web panel gaining super administration privileges to the attacker. This affects all Solar-Log devices that use firmware version v4.2.7 up to v5.1.1 (included).

Una puerta trasera en los productos Solar-Log Gateway permite el acceso remoto a través de un panel web, obteniendo privilegios de superadministración para el atacante. Esto afecta a todos los dispositivos Solar-Log que utilizan la versión de firmware v4.2.7 hasta v5.1.1 (incluida).

A backdoor in Solar-Log Gateway products allows remote access via web panel gaining super administration privileges to the attacker. This affects Solar-Log devices that use firmware version v4.2.7 up to v5.1.1 (included). This does not exist in SL 200, 500, 1000 / fixed in 4.2.8 for SL 250, 300, 1200, 2000, SL 50 Gateway / fixed in 5.1.2 / 6.0.0 for SL Base.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:Attend
Exploitation
Poc
Automatable
Yes
Tech. Impact
Total
* Organization's Worst-case Scenario
Timeline
  • 2022-12-21 CVE Reserved
  • 2023-01-25 CVE Published
  • 2025-03-30 EPSS Updated
  • 2025-04-01 CVE Updated
  • 2025-04-01 First Exploit
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-912: Hidden Functionality
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Solar-log
Search vendor "Solar-log"
Solar-log 250 Firmware
Search vendor "Solar-log" for product "Solar-log 250 Firmware"
< 4.2.8_117
Search vendor "Solar-log" for product "Solar-log 250 Firmware" and version " < 4.2.8_117"
-
Affected
in Solar-log
Search vendor "Solar-log"
Solar-log 250
Search vendor "Solar-log" for product "Solar-log 250"
--
Safe
Solar-log
Search vendor "Solar-log"
Solar-log 250 Firmware
Search vendor "Solar-log" for product "Solar-log 250 Firmware"
>= 5.0.0 < 5.1.2_156
Search vendor "Solar-log" for product "Solar-log 250 Firmware" and version " >= 5.0.0 < 5.1.2_156"
-
Affected
in Solar-log
Search vendor "Solar-log"
Solar-log 250
Search vendor "Solar-log" for product "Solar-log 250"
--
Safe
Solar-log
Search vendor "Solar-log"
Solar-log 300 Firmware
Search vendor "Solar-log" for product "Solar-log 300 Firmware"
< 4.2.8_117
Search vendor "Solar-log" for product "Solar-log 300 Firmware" and version " < 4.2.8_117"
-
Affected
in Solar-log
Search vendor "Solar-log"
Solar-log 300
Search vendor "Solar-log" for product "Solar-log 300"
--
Safe
Solar-log
Search vendor "Solar-log"
Solar-log 300 Firmware
Search vendor "Solar-log" for product "Solar-log 300 Firmware"
>= 5.0.0 < 5.1.2_156
Search vendor "Solar-log" for product "Solar-log 300 Firmware" and version " >= 5.0.0 < 5.1.2_156"
-
Affected
in Solar-log
Search vendor "Solar-log"
Solar-log 300
Search vendor "Solar-log" for product "Solar-log 300"
--
Safe
Solar-log
Search vendor "Solar-log"
Solar-log 500 Firmware
Search vendor "Solar-log" for product "Solar-log 500 Firmware"
< 4.2.8_117
Search vendor "Solar-log" for product "Solar-log 500 Firmware" and version " < 4.2.8_117"
-
Affected
in Solar-log
Search vendor "Solar-log"
Solar-log 500
Search vendor "Solar-log" for product "Solar-log 500"
--
Safe
Solar-log
Search vendor "Solar-log"
Solar-log 500 Firmware
Search vendor "Solar-log" for product "Solar-log 500 Firmware"
>= 5.0.0 < 5.1.2_156
Search vendor "Solar-log" for product "Solar-log 500 Firmware" and version " >= 5.0.0 < 5.1.2_156"
-
Affected
in Solar-log
Search vendor "Solar-log"
Solar-log 500
Search vendor "Solar-log" for product "Solar-log 500"
--
Safe
Solar-log
Search vendor "Solar-log"
Solar-log 800e Firmware
Search vendor "Solar-log" for product "Solar-log 800e Firmware"
< 4.2.8_117
Search vendor "Solar-log" for product "Solar-log 800e Firmware" and version " < 4.2.8_117"
-
Affected
in Solar-log
Search vendor "Solar-log"
Solar-log 800e
Search vendor "Solar-log" for product "Solar-log 800e"
--
Safe
Solar-log
Search vendor "Solar-log"
Solar-log 800e Firmware
Search vendor "Solar-log" for product "Solar-log 800e Firmware"
>= 5.0.0 < 5.1.2_156
Search vendor "Solar-log" for product "Solar-log 800e Firmware" and version " >= 5.0.0 < 5.1.2_156"
-
Affected
in Solar-log
Search vendor "Solar-log"
Solar-log 800e
Search vendor "Solar-log" for product "Solar-log 800e"
--
Safe
Solar-log
Search vendor "Solar-log"
Solar-log 1000 Firmware
Search vendor "Solar-log" for product "Solar-log 1000 Firmware"
< 4.2.8_117
Search vendor "Solar-log" for product "Solar-log 1000 Firmware" and version " < 4.2.8_117"
-
Affected
in Solar-log
Search vendor "Solar-log"
Solar-log 1000
Search vendor "Solar-log" for product "Solar-log 1000"
--
Safe
Solar-log
Search vendor "Solar-log"
Solar-log 1000 Firmware
Search vendor "Solar-log" for product "Solar-log 1000 Firmware"
>= 5.0.0 < 5.1.2_156
Search vendor "Solar-log" for product "Solar-log 1000 Firmware" and version " >= 5.0.0 < 5.1.2_156"
-
Affected
in Solar-log
Search vendor "Solar-log"
Solar-log 1000
Search vendor "Solar-log" for product "Solar-log 1000"
--
Safe
Solar-log
Search vendor "Solar-log"
Solar-log 1000 Pm\+ Firmware
Search vendor "Solar-log" for product "Solar-log 1000 Pm\+ Firmware"
< 4.2.8_117
Search vendor "Solar-log" for product "Solar-log 1000 Pm\+ Firmware" and version " < 4.2.8_117"
-
Affected
in Solar-log
Search vendor "Solar-log"
Solar-log 1000 Pm\+
Search vendor "Solar-log" for product "Solar-log 1000 Pm\+"
--
Safe
Solar-log
Search vendor "Solar-log"
Solar-log 1000 Pm\+ Firmware
Search vendor "Solar-log" for product "Solar-log 1000 Pm\+ Firmware"
>= 5.0.0 < 5.1.2_156
Search vendor "Solar-log" for product "Solar-log 1000 Pm\+ Firmware" and version " >= 5.0.0 < 5.1.2_156"
-
Affected
in Solar-log
Search vendor "Solar-log"
Solar-log 1000 Pm\+
Search vendor "Solar-log" for product "Solar-log 1000 Pm\+"
--
Safe
Solar-log
Search vendor "Solar-log"
Solar-log 1200 Firmware
Search vendor "Solar-log" for product "Solar-log 1200 Firmware"
< 4.2.8_117
Search vendor "Solar-log" for product "Solar-log 1200 Firmware" and version " < 4.2.8_117"
-
Affected
in Solar-log
Search vendor "Solar-log"
Solar-log 1200
Search vendor "Solar-log" for product "Solar-log 1200"
--
Safe
Solar-log
Search vendor "Solar-log"
Solar-log 1200 Firmware
Search vendor "Solar-log" for product "Solar-log 1200 Firmware"
>= 5.0.0 < 5.1.2_156
Search vendor "Solar-log" for product "Solar-log 1200 Firmware" and version " >= 5.0.0 < 5.1.2_156"
-
Affected
in Solar-log
Search vendor "Solar-log"
Solar-log 1200
Search vendor "Solar-log" for product "Solar-log 1200"
--
Safe
Solar-log
Search vendor "Solar-log"
Solar-log 2000 Firmware
Search vendor "Solar-log" for product "Solar-log 2000 Firmware"
< 4.2.8_117
Search vendor "Solar-log" for product "Solar-log 2000 Firmware" and version " < 4.2.8_117"
-
Affected
in Solar-log
Search vendor "Solar-log"
Solar-log 2000
Search vendor "Solar-log" for product "Solar-log 2000"
--
Safe
Solar-log
Search vendor "Solar-log"
Solar-log 2000 Firmware
Search vendor "Solar-log" for product "Solar-log 2000 Firmware"
>= 5.0.0 < 5.1.2_156
Search vendor "Solar-log" for product "Solar-log 2000 Firmware" and version " >= 5.0.0 < 5.1.2_156"
-
Affected
in Solar-log
Search vendor "Solar-log"
Solar-log 2000
Search vendor "Solar-log" for product "Solar-log 2000"
--
Safe
Solar-log
Search vendor "Solar-log"
Solar-log 500 Firmware
Search vendor "Solar-log" for product "Solar-log 500 Firmware"
< 4.2.8_117
Search vendor "Solar-log" for product "Solar-log 500 Firmware" and version " < 4.2.8_117"
-
Affected
in Solar-log
Search vendor "Solar-log"
Solar-log 500
Search vendor "Solar-log" for product "Solar-log 500"
--
Safe
Solar-log
Search vendor "Solar-log"
Solar-log 500 Firmware
Search vendor "Solar-log" for product "Solar-log 500 Firmware"
>= 5.0.0 < 5.1.2_156
Search vendor "Solar-log" for product "Solar-log 500 Firmware" and version " >= 5.0.0 < 5.1.2_156"
-
Affected
in Solar-log
Search vendor "Solar-log"
Solar-log 500
Search vendor "Solar-log" for product "Solar-log 500"
--
Safe
Solar-log
Search vendor "Solar-log"
Solar-log 50 Firmware
Search vendor "Solar-log" for product "Solar-log 50 Firmware"
< 4.2.8_117
Search vendor "Solar-log" for product "Solar-log 50 Firmware" and version " < 4.2.8_117"
-
Affected
in Solar-log
Search vendor "Solar-log"
Solar-log 50
Search vendor "Solar-log" for product "Solar-log 50"
--
Safe
Solar-log
Search vendor "Solar-log"
Solar-log 50 Firmware
Search vendor "Solar-log" for product "Solar-log 50 Firmware"
>= 5.0.0 < 5.1.2_156
Search vendor "Solar-log" for product "Solar-log 50 Firmware" and version " >= 5.0.0 < 5.1.2_156"
-
Affected
in Solar-log
Search vendor "Solar-log"
Solar-log 50
Search vendor "Solar-log" for product "Solar-log 50"
--
Safe