Sy-gpon-1110-wdont Firmware Security Vulnerabilities and Issues — Sy-gpon-1110-wdont Firmware CVE List

Lucene search

SyrotechSy-gpon-1110-wdont Firmware

8 matches found

CVE•added 2024/07/26 12:15 p.m.•54 views

CVE-2024-41687

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to transmission of password in plain text. A remote attacker could exploit this vulnerability by intercepting transmission within an HTTP session on the vulnerable system. Successful exploitation of this vulnerability could allow t...

8.6CVSS6.9AI score0.00098EPSS

CVE•added 2024/07/26 12:15 p.m.•53 views

CVE-2024-41689

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to unencrypted storing of WPA/ WPS credentials within the router's firmware/ database. An attacker with physical access could exploit this by extracting the firmware and reverse engineer the binary data to access the plaintext WPA/...

5.2CVSS6.8AI score0.00031EPSS

CVE•added 2024/07/26 12:15 p.m.•51 views

CVE-2024-41685

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to missing HTTPOnly flag for the session cookies associated with the router's web management interface. An attacker with remote access could exploit this by intercepting transmission within an HTTP session on the vulnerable system....

7.5CVSS6.2AI score0.00146EPSS

CVE•added 2024/07/26 12:15 p.m.•50 views

CVE-2024-41686

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to improper implementation of password policies. A local attacker could exploit this by creating password that do not adhere to the defined security standards/policy on the vulnerable system. Successful exploitation of this vulnera...

7.3CVSS6.5AI score0.00013EPSS

CVE•added 2024/07/26 12:15 p.m.•47 views

CVE-2024-41690

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to storing of default username and password credentials in plaintext within the router's firmware/ database. An attacker with physical access could exploit this by extracting the firmware and reverse engineer the binary data to acc...

7CVSS6.7AI score0.00039EPSS

CVE•added 2024/07/26 12:15 p.m.•44 views

CVE-2024-41691

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to storing of FTP credentials in plaintext within the SquashFS-root filesystem associated with the router's firmware. An attacker with physical access could exploit this by extracting the firmware and reverse engineer the binary da...

7CVSS6.5AI score0.00039EPSS

CVE•added 2024/07/26 12:15 p.m.•38 views

CVE-2024-41688

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due lack of encryption in storing of usernames and passwords within the router's firmware/ database. An attacker with physical access could exploit this by extracting the firmware and reverse engineer the binary data to access the plai...

7CVSS6.8AI score0.00052EPSS

CVE•added 2024/07/26 12:15 p.m.•37 views

CVE-2024-41684

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to missing secure flag for the session cookies associated with the router's web management interface. An attacker with remote access could exploit this by intercepting transmission within an HTTP session on the vulnerable system. S...

6.9CVSS6.6AI score0.00071EPSS