CVE-2024-41687
July 26, 2024, 12:38 p.m.
Tags
Product(s) Impacted
SyroTech SY-GPON-1110-WDONT Router
Description
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to transmission of password in plain text. A remote attacker could exploit this vulnerability by intercepting transmission within an HTTP session on the vulnerable system. Successful exploitation of this vulnerability could allow the attacker to gain unauthorized access to the targeted system.
Weaknesses
CWE-319
Cleartext Transmission of Sensitive Information
The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.
CWE ID: 319Date
Published: July 26, 2024, 12:15 p.m.
Last Modified: July 26, 2024, 12:38 p.m.
Status : Undergoing Analysis
CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
More infoSource
vdisclose@cert-in.org.in