CVE-2024-41692 Incorrect Access Control Vulnerability

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to presence of root terminal access on a serial interface without proper access control. An attacker with physical access could exploit this by accessing the root shell on the vulnerable system. Successful exploitation of this...

CVE-2024-41691 Insecure Storage of Sensitive Information Vulnerability

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to storing of FTP credentials in plaintext within the SquashFS-root filesystem associated with the router's firmware. An attacker with physical access could exploit this by extracting the firmware and reverse engineer the binary...

CVE-2024-41691 Insecure Storage of Sensitive Information Vulnerability

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to storing of FTP credentials in plaintext within the SquashFS-root filesystem associated with the router's firmware. An attacker with physical access could exploit this by extracting the firmware and reverse engineer the binary...

CVE-2024-41691

CVE-2024-41691 affects SyroTech SY-GPON-1110-WDONT router. Affected component: firmware SquashFS-root stores FTP credentials in plaintext, enabling an attacker with physical access to extract firmware, reverse‑engineer data, and access the FTP server credentials. Impact: unauthorized FTP access a...

CVE-2024-41690 Default Credential Storage in Plaintext Vulnerability

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to storing of default username and password credentials in plaintext within the router's firmware/ database. An attacker with physical access could exploit this by extracting the firmware and reverse engineer the binary data to...

CVE-2024-41690 Default Credential Storage in Plaintext Vulnerability

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to storing of default username and password credentials in plaintext within the router's firmware/ database. An attacker with physical access could exploit this by extracting the firmware and reverse engineer the binary data to...

CVE-2024-41690

The CVE-2024-41690 issue affects SyroTech SY-GPON-1110-WDONT routers, caused by storing default username and password credentials in plaintext within the device firmware/database. Consequently, an attacker with physical access could extract the firmware, reverse‑engineer the binary data, and acce...

CVE-2024-41689

CVE-2024-41689 affects the SyroTech SY-GPON-1110-WDONT router. The root cause is the unencrypted storage of WPA/WPS credentials in the device firmware/database, enabling credential disclosure if the firmware is accessed. An attacker with physical access can extract the firmware, reverse‑engineer ...

CVE-2024-41689 Hard-coded Credentials Vulnerability

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to unencrypted storing of WPA/ WPS credentials within the router's firmware/ database. An attacker with physical access could exploit this by extracting the firmware and reverse engineer the binary data to access the plaintext WP...

CVE-2024-41689 Hard-coded Credentials Vulnerability

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to unencrypted storing of WPA/ WPS credentials within the router's firmware/ database. An attacker with physical access could exploit this by extracting the firmware and reverse engineer the binary data to access the plaintext WP...

CVE-2024-41688

The CVE-2024-41688 entry refers to a cleartext storage vulnerability in the SyroTech SY-GPON-1110-WDONT Router, caused by lack of encryption when storing usernames and passwords in firmware/database. Exploitation requires physical access: an attacker can extract firmware, reverse engineer the bin...

CVE-2024-41688 Cleartext Storage of Sensitive Information Vulnerability

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due lack of encryption in storing of usernames and passwords within the router's firmware/ database. An attacker with physical access could exploit this by extracting the firmware and reverse engineer the binary data to access the...

CVE-2024-41688 Cleartext Storage of Sensitive Information Vulnerability

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due lack of encryption in storing of usernames and passwords within the router's firmware/ database. An attacker with physical access could exploit this by extracting the firmware and reverse engineer the binary data to access the...

CVE-2024-41687

The connected sources confirm a vulnerability in the SyroTech SY-GPON-1110-WDONT Router where passwords are transmitted in plain text, enabling a remote attacker to gain unauthorized access by eavesdropping on HTTP sessions. The issue stems from cleartext transmission of sensitive information ove...

CVE-2024-41687 Cleartext Transmission of Sensitive Information Vulnerability

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to transmission of password in plain text. A remote attacker could exploit this vulnerability by intercepting transmission within an HTTP session on the vulnerable system. Successful exploitation of this vulnerability could allow...

CVE-2024-41686 Password Policy Bypass Vulnerability

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to improper implementation of password policies. A local attacker could exploit this by creating password that do not adhere to the defined security standards/policy on the vulnerable system. Successful exploitation of this...

CVE-2024-41686 Password Policy Bypass Vulnerability

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to improper implementation of password policies. A local attacker could exploit this by creating password that do not adhere to the defined security standards/policy on the vulnerable system. Successful exploitation of this...

CVE-2024-41686

The CVE-2024-41686 entry concerns SyroTech SY-GPON-1110-WDONT Router with a weakness in password policy enforcement. Local attackers can craft passwords not adhering to defined policies, enabling potential security threats to the router. Multiple connected sources confirm the issue and its local ...

CVE-2024-41685

Summary: CVE-2024-41685 affects the SyroTech SY-GPON-1110-WDONT router. Root cause: session cookies used by the router’s web management interface lack the HTTPOnly flag, enabling potential cookie theft. Impact (as stated): an attacker with remote access could intercept HTTP session transmissions,...

CVE-2024-41685 Cookie Without HTTPOnly Flag Set Vulnerability

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to missing HTTPOnly flag for the session cookies associated with the router's web management interface. An attacker with remote access could exploit this by intercepting transmission within an HTTP session on the vulnerable syste...