CVE-2024-41692
July 26, 2024, 1:15 p.m.
Tags
Product(s) Impacted
SyroTech SY-GPON-1110-WDONT Router
Description
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to presence of root terminal access on a serial interface without proper access control. An attacker with physical access could exploit this by accessing the root shell on the vulnerable system. Successful exploitation of this vulnerability could allow the attacker to execute arbitrary commands with root privileges on the targeted system.
Weaknesses
CWE-1191
On-Chip Debug and Test Interface With Improper Access Control
The chip does not implement or does not correctly perform access control to check whether users are authorized to access internal registers and test modes through the physical debug/test interface.
CWE ID: 1191Date
Published: July 26, 2024, 1:15 p.m.
Last Modified: July 26, 2024, 1:15 p.m.
Status : Received
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
vdisclose@cert-in.org.in