CVE-2024-41689
CVSS V2 None
CVSS V3 None
Description
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to unencrypted storing of WPA/ WPS credentials within the router's firmware/ database. An attacker with physical access could exploit this by extracting the firmware and reverse engineer the binary data to access the plaintext WPA/ WPS credentials on the vulnerable system.
Successful exploitation of this vulnerability could allow the attacker to bypass WPA/ WPS and gain access to the Wi-Fi network of the targeted system.
Overview
- CVE ID
- CVE-2024-41689
- Assigner
- CERT-In
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-07-26T11:59:38.725Z
- Last Modified Date
- 2024-07-26T18:12:01.040Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0225 | third-party-advisory |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-41689 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41689 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-07-27 13:03:35 | Added to TrackCVE |