14 matches found
CVE-2025-63729
CVE-2025-63729 affects Syrotech SY-GPON-1110-WDONT SYRO_3.7L_3.1.02-240517. The vulnerability allows extraction of SSL private key, CA certificate, SSL certificate, and client certificates stored in PEM format in the firmware’s etc folder. Root cause details are not explicitly provided beyond the...
CVE-2024-41692
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to presence of root terminal access on a serial interface without proper access control. An attacker with physical access could exploit this by accessing the root shell on the vulnerable system. Successful exploitation of this...
CVE-2024-41686
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to improper implementation of password policies. A local attacker could exploit this by creating password that do not adhere to the defined security standards/policy on the vulnerable system. Successful exploitation of this...
CVE-2024-41692
The CVE-2024-41692 issue affects SyroTech SY-GPON-1110-WDONT Router. It stems from root terminal access on the serial interface without proper access control, enabling an attacker with physical access to reach the root shell and potentially run arbitrary commands with root privileges. The linked ...
CVE-2024-41692 Incorrect Access Control Vulnerability
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to presence of root terminal access on a serial interface without proper access control. An attacker with physical access could exploit this by accessing the root shell on the vulnerable system. Successful exploitation of this...
CVE-2024-41691 Insecure Storage of Sensitive Information Vulnerability
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to storing of FTP credentials in plaintext within the SquashFS-root filesystem associated with the router's firmware. An attacker with physical access could exploit this by extracting the firmware and reverse engineer the binary...
CVE-2024-41691
CVE-2024-41691 affects SyroTech SY-GPON-1110-WDONT router. Affected component: firmware SquashFS-root stores FTP credentials in plaintext, enabling an attacker with physical access to extract firmware, reverse‑engineer data, and access the FTP server credentials. Impact: unauthorized FTP access a...
CVE-2024-41689 Hard-coded Credentials Vulnerability
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to unencrypted storing of WPA/ WPS credentials within the router's firmware/ database. An attacker with physical access could exploit this by extracting the firmware and reverse engineer the binary data to access the plaintext WP...
CVE-2024-41688 Cleartext Storage of Sensitive Information Vulnerability
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due lack of encryption in storing of usernames and passwords within the router's firmware/ database. An attacker with physical access could exploit this by extracting the firmware and reverse engineer the binary data to access the...
CVE-2024-41688
The CVE-2024-41688 entry refers to a cleartext storage vulnerability in the SyroTech SY-GPON-1110-WDONT Router, caused by lack of encryption when storing usernames and passwords in firmware/database. Exploitation requires physical access: an attacker can extract firmware, reverse engineer the bin...
CVE-2024-41687 Cleartext Transmission of Sensitive Information Vulnerability
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to transmission of password in plain text. A remote attacker could exploit this vulnerability by intercepting transmission within an HTTP session on the vulnerable system. Successful exploitation of this vulnerability could allow...
CVE-2024-41684 Cookie Without Secure Flag Set Vulnerability
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to missing secure flag for the session cookies associated with the router's web management interface. An attacker with remote access could exploit this by intercepting transmission within an HTTP session on the vulnerable system...
PT-2024-29506 · Syrotech · Syrotech Sy-Gpon-1110-Wdont Router
Name of the Vulnerable Software and Affected Versions: SyroTech SY-GPON-1110-WDONT Router affected versions not specified Description: The issue arises from the improper implementation of password policies. A local attacker could exploit this by creating passwords that do not adhere to the define...
SyroTech SY-GPON-1110-WDONT 安全漏洞
The SyroTech SY-GPON-1110-WDONT is a wireless router from SyroTech. A security vulnerability exists in the SyroTech SY-GPON-1110-WDONT that stems from improper implementation of a password policy. An attacker can exploit this vulnerability to launch further attacks on the system...