This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to transmission of password in plain text. A remote attacker could exploit this vulnerability by intercepting transmission within an HTTP session on the vulnerable system.
Successful exploitation of this vulnerability could allow the attacker to gain unauthorized access to the targeted system.
References
Link | Resource |
---|---|
https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0225 | Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
05 Aug 2024, 21:05
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
First Time |
Syrotech sy-gpon-1110-wdont Firmware
Syrotech sy-gpon-1110-wdont Syrotech |
|
References | () https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0225 - Third Party Advisory | |
CPE | cpe:2.3:o:syrotech:sy-gpon-1110-wdont_firmware:3.1.02-231102:*:*:*:*:*:*:* cpe:2.3:h:syrotech:sy-gpon-1110-wdont:-:*:*:*:*:*:*:* |
01 Aug 2024, 08:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary |
|
26 Jul 2024, 12:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-07-26 12:15
Updated : 2024-08-05 21:05
NVD link : CVE-2024-41687
Mitre link : CVE-2024-41687
CVE.ORG link : CVE-2024-41687
JSON object : View
Products Affected
syrotech
- sy-gpon-1110-wdont
- sy-gpon-1110-wdont_firmware
CWE
CWE-319
Cleartext Transmission of Sensitive Information