Syrotech

Sy-gpon-1110-wdont Firmware

10 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9

CVE-2025-63729

Exploit
  • EPSS 0.01%
  • Veröffentlicht 25.11.2025 00:00:00
  • Zuletzt bearbeitet 30.12.2025 17:17:23

An issue was discovered in Syrotech SY-GPON-1110-WDONT SYRO_3.7L_3.1.02-240517 allowing attackers to exctract the SSL Private Key, CA Certificate, SSL Certificate, and Client Certificates in .pem format in firmware in etc folder.

8.6

CVE-2024-41692

  • EPSS 0.06%
  • Veröffentlicht 26.07.2024 13:15:09
  • Zuletzt bearbeitet 21.11.2024 09:32:59

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to presence of root terminal access on a serial interface without proper access control. An attacker with physical access could exploit this by accessing the root shell on the vulner...

3.3

CVE-2024-41686

  • EPSS 0.04%
  • Veröffentlicht 26.07.2024 12:15:03
  • Zuletzt bearbeitet 21.11.2024 09:32:58

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to improper implementation of password policies. A local attacker could exploit this by creating password that do not adhere to the defined security standards/policy on the vulnerabl...

7.5

CVE-2024-41687

  • EPSS 0.14%
  • Veröffentlicht 26.07.2024 12:15:03
  • Zuletzt bearbeitet 21.11.2024 09:32:58

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to transmission of password in plain text. A remote attacker could exploit this vulnerability by intercepting transmission within an HTTP session on the vulnerable system. Successfu...

4.6

CVE-2024-41688

  • EPSS 0.05%
  • Veröffentlicht 26.07.2024 12:15:03
  • Zuletzt bearbeitet 21.11.2024 09:32:58

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due lack of encryption in storing of usernames and passwords within the router's firmware/ database. An attacker with physical access could exploit this by extracting the firmware and re...

4.6

CVE-2024-41689

  • EPSS 0.01%
  • Veröffentlicht 26.07.2024 12:15:03
  • Zuletzt bearbeitet 21.11.2024 09:32:58

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to unencrypted storing of WPA/ WPS credentials within the router's firmware/ database. An attacker with physical access could exploit this by extracting the firmware and reverse engi...

4.6

CVE-2024-41690

  • EPSS 0.06%
  • Veröffentlicht 26.07.2024 12:15:03
  • Zuletzt bearbeitet 21.11.2024 09:32:58

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to storing of default username and password credentials in plaintext within the router's firmware/ database. An attacker with physical access could exploit this by extracting the fir...

4.6

CVE-2024-41691

  • EPSS 0.06%
  • Veröffentlicht 26.07.2024 12:15:03
  • Zuletzt bearbeitet 21.11.2024 09:32:59

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to storing of FTP credentials in plaintext within the SquashFS-root filesystem associated with the router's firmware. An attacker with physical access could exploit this by extractin...

5.3

CVE-2024-41684

  • EPSS 0.11%
  • Veröffentlicht 26.07.2024 12:15:02
  • Zuletzt bearbeitet 21.11.2024 09:32:57

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to missing secure flag for the session cookies associated with the router's web management interface. An attacker with remote access could exploit this by intercepting transmission w...

7.5

CVE-2024-41685

  • EPSS 0.23%
  • Veröffentlicht 26.07.2024 12:15:02
  • Zuletzt bearbeitet 21.11.2024 09:32:58

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to missing HTTPOnly flag for the session cookies associated with the router's web management interface. An attacker with remote access could exploit this by intercepting transmission...