2 matches found
CVE-2024-41685
Summary: CVE-2024-41685 affects the SyroTech SY-GPON-1110-WDONT router. Root cause: session cookies used by the router’s web management interface lack the HTTPOnly flag, enabling potential cookie theft. Impact (as stated): an attacker with remote access could intercept HTTP session transmissions,...
CVE-2024-41685 Cookie Without HTTPOnly Flag Set Vulnerability
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to missing HTTPOnly flag for the session cookies associated with the router's web management interface. An attacker with remote access could exploit this by intercepting transmission within an HTTP session on the vulnerable syste...