Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2024-41690

Summary
Assigner-CERT-In
Assigner Org ID-66834db9-ab24-42b4-be80-296b2e40335c
Published At-26 Jul, 2024 | 12:02
Updated At-02 Aug, 2024 | 04:46
Rejected At-
Credits

Default Credential Storage in Plaintext Vulnerability

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to storing of default username and password credentials in plaintext within the router's firmware/ database. An attacker with physical access could exploit this by extracting the firmware and reverse engineer the binary data to access the plaintext default credentials on the vulnerable system. Successful exploitation of this vulnerability could allow the attacker to gain unauthorized access to the targeted system.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:CERT-In
Assigner Org ID:66834db9-ab24-42b4-be80-296b2e40335c
Published At:26 Jul, 2024 | 12:02
Updated At:02 Aug, 2024 | 04:46
Rejected At:
▼CVE Numbering Authority (CNA)
Default Credential Storage in Plaintext Vulnerability

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to storing of default username and password credentials in plaintext within the router's firmware/ database. An attacker with physical access could exploit this by extracting the firmware and reverse engineer the binary data to access the plaintext default credentials on the vulnerable system. Successful exploitation of this vulnerability could allow the attacker to gain unauthorized access to the targeted system.

Affected Products
Vendor
SyroTech
Product
SyroTech SY-GPON-1110-WDONT router
Default Status
unaffected
Versions
Affected
  • 3.1.02-231102
Problem Types
TypeCWE IDDescription
CWECWE-312CWE-312: Cleartext Storage of Sensitive Information
Type: CWE
CWE ID: CWE-312
Description: CWE-312: Cleartext Storage of Sensitive Information
Metrics
VersionBase scoreBase severityVector
4.07.0HIGH
CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Version: 4.0
Base score: 7.0
Base severity: HIGH
Vector:
CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Metrics Other Info
Impacts
CAPEC IDDescription
CAPEC-37CAPEC-37 Retrieve Embedded Sensitive Data
CAPEC ID: CAPEC-37
Description: CAPEC-37 Retrieve Embedded Sensitive Data
Solutions

Upgrade SyroTech SY-GPON-1110-WDONT Router firmware to patched version 3.1.02-240517 http://drive.google.com/file/d/1JQc3AkJm69mV0kg2c-b-zzaojc87Rru9/view

Configurations
Workarounds
Exploits
Credits
finder
These vulnerabilities are discovered by Shravan Singh, Rahul Giri, & Karan Patel from Redfox Cyber Security Inc, Toronto, Canada.
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0225
third-party-advisory
Hyperlink: https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0225
Resource:
third-party-advisory
▼Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Vendor
syrotech
Product
sy-gpon-1110-wdont_firmware
CPEs
  • cpe:2.3:o:syrotech:sy-gpon-1110-wdont_firmware:3.1.02-231102:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • 3.1.02-231102
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
2. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0225
third-party-advisory
x_transferred
Hyperlink: https://cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0225
Resource:
third-party-advisory
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:vdisclose@cert-in.org.in
Published At:26 Jul, 2024 | 12:15
Updated At:01 Aug, 2024 | 08:15

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to storing of default username and password credentials in plaintext within the router's firmware/ database. An attacker with physical access could exploit this by extracting the firmware and reverse engineer the binary data to access the plaintext default credentials on the vulnerable system. Successful exploitation of this vulnerability could allow the attacker to gain unauthorized access to the targeted system.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.07.0HIGH
CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Secondary
Version: 4.0
Base score: 7.0
Base severity: HIGH
Vector:
CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-312Secondaryvdisclose@cert-in.org.in
CWE ID: CWE-312
Type: Secondary
Source: vdisclose@cert-in.org.in
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0225vdisclose@cert-in.org.in
N/A
Hyperlink: https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0225
Source: vdisclose@cert-in.org.in
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

6Records found
CVE-2024-41688
Matching Score-10
Assigner-Indian Computer Emergency Response Team (CERT-In)
ShareView Details
Matching Score-10
Assigner-Indian Computer Emergency Response Team (CERT-In)
CVSS Score-7||HIGH
EPSS-0.11% / 1.56%
||
7 Day CHG~0.00%
Published-26 Jul, 2024 | 11:56
Updated-02 Aug, 2024 | 04:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cleartext Storage of Sensitive Information Vulnerability

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due lack of encryption in storing of usernames and passwords within the router's firmware/ database. An attacker with physical access could exploit this by extracting the firmware and reverse engineer the binary data to access the plaintext credentials on the vulnerable system. Successful exploitation of this vulnerability could allow the attacker to gain unauthorized access to the targeted system.

Action-Not Available
Vendor-SyroTech
Product-SyroTech SY-GPON-1110-WDONT router
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2024-41691
Matching Score-10
Assigner-Indian Computer Emergency Response Team (CERT-In)
ShareView Details
Matching Score-10
Assigner-Indian Computer Emergency Response Team (CERT-In)
CVSS Score-7||HIGH
EPSS-0.15% / 4.74%
||
7 Day CHG~0.00%
Published-26 Jul, 2024 | 12:06
Updated-05 Aug, 2024 | 10:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Insecure Storage of Sensitive Information Vulnerability

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to storing of FTP credentials in plaintext within the SquashFS-root filesystem associated with the router's firmware. An attacker with physical access could exploit this by extracting the firmware and reverse engineer the binary data to access the plaintext FTP credentials from the vulnerable system. Successful exploitation of this vulnerability could allow the attacker to gain unauthorized access to the FTP server associated with the targeted system.

Action-Not Available
Vendor-SyroTech
Product-SyroTech SY-GPON-1110-WDONT router
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2025-63729
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9||CRITICAL
EPSS-0.08% / 0.22%
||
7 Day CHG~0.00%
Published-25 Nov, 2025 | 00:00
Updated-30 Dec, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Syrotech SY-GPON-1110-WDONT SYRO_3.7L_3.1.02-240517 allowing attackers to exctract the SSL Private Key, CA Certificate, SSL Certificate, and Client Certificates in .pem format in firmware in etc folder.

Action-Not Available
Vendor-syrotechn/a
Product-sy-gpon-1110-wdontsy-gpon-1110-wdont_firmwaren/a
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CWE ID-CWE-532
Insertion of Sensitive Information into Log File
CVE-2025-59105
Matching Score-4
Assigner-SEC Consult Vulnerability Lab
ShareView Details
Matching Score-4
Assigner-SEC Consult Vulnerability Lab
CVSS Score-7||HIGH
EPSS-0.10% / 0.95%
||
7 Day CHG~0.00%
Published-26 Jan, 2026 | 10:06
Updated-26 Jan, 2026 | 15:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unencrypted Flash Storage in dormakaba access manager

With physical access to the device and enough time an attacker can desolder the flash memory, modify it and then reinstall it because of missing encryption. Thus, essential files, such as "/etc/passwd", as well as stored certificates, cryptographic keys, stored PINs and so on can be modified and read, in order to gain SSH root access on the Linux-based K7 model. On the Windows CE based K5 model, the password for the Access Manager can additionally be read in plain text from the stored SQLite database.

Action-Not Available
Vendor-dormakaba
Product-Access Manager 92xx-k7Access Manager 92xx-k5
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2025-54464
Matching Score-4
Assigner-Indian Computer Emergency Response Team (CERT-In)
ShareView Details
Matching Score-4
Assigner-Indian Computer Emergency Response Team (CERT-In)
CVSS Score-7||HIGH
EPSS-0.08% / 0.27%
||
7 Day CHG~0.00%
Published-13 Aug, 2025 | 11:12
Updated-13 Aug, 2025 | 17:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cleartext Storage Vulnerability in ZKTeco WL20

This vulnerability exists in ZKTeco WL20 due to storage of admin and user credentials without encryption in the device firmware. An attacker with physical access could exploit this vulnerability by extracting the firmware and reverse engineer the binary data to access the unencrypted credentials stored in the firmware of targeted device.

Action-Not Available
Vendor-ZKTeco Co
Product-WL20 Biometric Attendance System
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2024-38280
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7||HIGH
EPSS-0.15% / 4.60%
||
7 Day CHG~0.00%
Published-13 Jun, 2024 | 17:05
Updated-03 Oct, 2024 | 19:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cleartext Storage in a File or on Disk in Motorola Solutions Vigilant Fixed LPR Coms Box (BCAV1F2-C600)

An unauthorized user is able to gain access to sensitive data, including credentials, by physically retrieving the hard disk of the product as the data is stored in clear text.

Action-Not Available
Vendor-Motorola SolutionsmotorolasolutionsMotorola Mobility LLC. (Lenovo Group Limited)
Product-vigilant_fixed_lpr_coms_box_firmwarevigilant_fixed_lpr_coms_boxVigilant Fixed LPR Coms Box (BCAV1F2-C600)vigilant_fixed_lpr_coms_box
CWE ID-CWE-313
Cleartext Storage in a File or on Disk
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
Details not found