EUVD-2024-39131

Malicious code in bioql PyPI...

CVE-2025-10957

This vulnerability exists in the Syrotech SY-GPON-2010-WADONT router due to improper access control in its FTP service. A remote attacker could exploit this vulnerability by establishing an FTP connection using default credentials, potentially gaining unauthorized access to configuration files,...

CVE-2025-10957

The CVE-2025-10957 entry concerns the Syrotech SY-GPON-2010-WADONT router, where an improper access control in the FTP service may allow remote access via default credentials. Affected component: FTP service on the SY-GPON-2010-WADONT router. Root cause: insufficient access control enabling unaut...

CVE-2025-10957 Unrestricted FTP Access Vulnerability in Syrotech Router

This vulnerability exists in the Syrotech SY-GPON-2010-WADONT router due to improper access control in its FTP service. A remote attacker could exploit this vulnerability by establishing an FTP connection using default credentials, potentially gaining unauthorized access to configuration files,...

CVE-2025-10957 Unrestricted FTP Access Vulnerability in Syrotech Router

This vulnerability exists in the Syrotech SY-GPON-2010-WADONT router due to improper access control in its FTP service. A remote attacker could exploit this vulnerability by establishing an FTP connection using default credentials, potentially gaining unauthorized access to configuration files,...

PT-2025-39363

Name of the Vulnerable Software and Affected Versions Syrotech SY-GPON-2010-WADONT router affected versions not specified Description The Syrotech SY-GPON-2010-WADONT router contains a flaw related to improper access control within its FTP service. A remote attacker can connect via FTP using...

Syrotech SY-GPON-2010-WADONT 访问控制错误漏洞

The Syrotech SY-GPON-2010-WADONT is an optical network termination device from Syrotech India. An access control error vulnerability exists in the Syrotech SY-GPON-2010-WADONT that stems from improper access control of the FTP service, which could lead to unauthorized access...

CVE-2024-41684

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to missing secure flag for the session cookies associated with the router's web management interface. An attacker with remote access could exploit this by intercepting transmission within an HTTP session on the vulnerable system...

CVE-2024-41688

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due lack of encryption in storing of usernames and passwords within the router's firmware/ database. An attacker with physical access could exploit this by extracting the firmware and reverse engineer the binary data to access the...

CVE-2024-41689

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to unencrypted storing of WPA/ WPS credentials within the router's firmware/ database. An attacker with physical access could exploit this by extracting the firmware and reverse engineer the binary data to access the plaintext WP...

CVE-2024-46658

Syrotech SY-GOPON-8OLT-L3 v1.6.0240629 was discovered to contain an authenticated command injection vulnerability...

CVE-2024-46658

Syrotech SY-GOPON-8OLT-L3 v1.6.0240629 was discovered to contain an authenticated command injection vulnerability...

CVE-2024-46658

Syrotech SY-GOPON-8OLT-L3 v1.6.0240629 was discovered to contain an authenticated command injection vulnerability...

CVE-2024-46658

Syrotech SY-GOPON-8OLT-L3 v1.6.0240629 was discovered to contain an authenticated command injection vulnerability...

SyroTech SY-GOPON-8OLT-L3 安全漏洞

The SyroTech SY-GOPON-8OLT-L3 is an optical line terminal from SyroTech. A security vulnerability exists in SyroTech SY-GOPON-8OLT-L3 version 1.6.0240629 that stems from the presence of an authenticated command injection vulnerability...

CVE-2024-46658

CVE-2024-46658 concerns Syrotech SY-GOPON-8OLT-L3 hardware (firmware v1.6.0_240629). The authenticated command-injection vulnerability is described as requiring LOW privileges with an adjacent attack vector and no user interaction. The CVSSv3.1 base score is 8.0 (HIGH), with impacts to confidenti...

SyroTech SY-GPON-1110-WDONT Information Disclosure Vulnerability (CNVD-2024-34375)

The SyroTech SY-GPON-1110-WDONT is a wireless router from SyroTech. The SyroTech SY-GPON-1110-WDONT suffers from an information disclosure vulnerability that stems from a lack of encryption when storing usernames and passwords in the router's firmware/database. An attacker can exploit this...

SyroTech SY-GPON-1110-WDONT Information Disclosure Vulnerability (CNVD-2024-34377)

The SyroTech SY-GPON-1110-WDONT is a wireless router from SyroTech. The SyroTech SY-GPON-1110-WDONT suffers from an information disclosure vulnerability that stems from a missing security flag in a session cookie associated with the router's web management interface. An attacker could exploit thi...

SyroTech SY-GPON-1110-WDONT Access Control Error Vulnerability

The SyroTech SY-GPON-1110-WDONT is a wireless router from SyroTech. The SyroTech SY-GPON-1110-WDONT suffers from an Access Control Error vulnerability that arises from the presence of root terminal access on the serial interface without proper access control. An attacker could exploit this...

SyroTech SY-GPON-1110-WDONT Information Disclosure Vulnerability (CNVD-2024-34373)

The SyroTech SY-GPON-1110-WDONT is a wireless router from SyroTech. The SyroTech SY-GPON-1110-WDONT suffers from an information disclosure vulnerability that stems from the lack of the HTTPOnly flag in a session cookie associated with the router's web management interface. An attacker can exploit...