Lucene search

[email protected]NVD:CVE-2024-41686

HistoryJul 26, 2024 - 12:15 p.m.

CVE-2024-41686

2024-07-2612:15:03

CWE-179

[email protected]

web.nvd.nist.gov

cve-2024-41686

syrotech

router

password policies

security threats

CVSS3

3.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

EPSS

Percentile

9.4%

JSON

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to improper implementation of password policies. A local attacker could exploit this by creating password that do not adhere to the defined security standards/policy on the vulnerable system.

Successful exploitation of this vulnerability could allow the attacker to expose the router to potential security threats.

Affected configurations

Nvd

Node

syrotechsy-gpon-1110-wdont_firmwareMatch3.1.02-231102

AND

syrotechsy-gpon-1110-wdontMatch-

VendorProductVersionCPE
syrotechsy-gpon-1110-wdont_firmware3.1.02-231102cpe:2.3:o:syrotech:sy-gpon-1110-wdont_firmware:3.1.02-231102:*:*:*:*:*:*:*
syrotechsy-gpon-1110-wdont-cpe:2.3:h:syrotech:sy-gpon-1110-wdont:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
syrotech	sy-gpon-1110-wdont_firmware	3.1.02-231102	cpe:2.3:o:syrotech:sy-gpon-1110-wdont_firmware:3.1.02-231102:::::::*
syrotech	sy-gpon-1110-wdont	-	cpe:2.3:h:syrotech:sy-gpon-1110-wdont:-:::::::*

References

www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0225

CVSS3

3.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

EPSS

Percentile

9.4%

JSON

Related for NVD:CVE-2024-41686

vulnrichment1 cvelist1 cve1