Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2024-41691

Summary
Assigner-CERT-In
Assigner Org ID-66834db9-ab24-42b4-be80-296b2e40335c
Published At-26 Jul, 2024 | 12:06
Updated At-05 Aug, 2024 | 10:24
Rejected At-
Credits

Insecure Storage of Sensitive Information Vulnerability

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to storing of FTP credentials in plaintext within the SquashFS-root filesystem associated with the router's firmware. An attacker with physical access could exploit this by extracting the firmware and reverse engineer the binary data to access the plaintext FTP credentials from the vulnerable system. Successful exploitation of this vulnerability could allow the attacker to gain unauthorized access to the FTP server associated with the targeted system.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:CERT-In
Assigner Org ID:66834db9-ab24-42b4-be80-296b2e40335c
Published At:26 Jul, 2024 | 12:06
Updated At:05 Aug, 2024 | 10:24
Rejected At:
▼CVE Numbering Authority (CNA)
Insecure Storage of Sensitive Information Vulnerability

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to storing of FTP credentials in plaintext within the SquashFS-root filesystem associated with the router's firmware. An attacker with physical access could exploit this by extracting the firmware and reverse engineer the binary data to access the plaintext FTP credentials from the vulnerable system. Successful exploitation of this vulnerability could allow the attacker to gain unauthorized access to the FTP server associated with the targeted system.

Affected Products
Vendor
SyroTech
Product
SyroTech SY-GPON-1110-WDONT router
Default Status
unaffected
Versions
Affected
  • 3.1.02-231102
Problem Types
TypeCWE IDDescription
CWECWE-312CWE-312: Cleartext Storage of Sensitive Information
Type: CWE
CWE ID: CWE-312
Description: CWE-312: Cleartext Storage of Sensitive Information
Metrics
VersionBase scoreBase severityVector
4.07.0HIGH
CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Version: 4.0
Base score: 7.0
Base severity: HIGH
Vector:
CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Metrics Other Info
Impacts
CAPEC IDDescription
CAPEC-37CAPEC-37 Retrieve Embedded Sensitive Data
CAPEC ID: CAPEC-37
Description: CAPEC-37 Retrieve Embedded Sensitive Data
Solutions

Upgrade SyroTech SY-GPON-1110-WDONT Router firmware to patched version 3.1.02-240517 http://drive.google.com/file/d/1JQc3AkJm69mV0kg2c-b-zzaojc87Rru9/view

Configurations
Workarounds
Exploits
Credits
finder
These vulnerabilities are discovered by Shravan Singh, Rahul Giri, & Karan Patel from Redfox Cyber Security Inc, Toronto, Canada.
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0225
third-party-advisory
Hyperlink: https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0225
Resource:
third-party-advisory
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0225
third-party-advisory
x_transferred
Hyperlink: https://cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0225
Resource:
third-party-advisory
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:vdisclose@cert-in.org.in
Published At:26 Jul, 2024 | 12:15
Updated At:01 Aug, 2024 | 08:15

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to storing of FTP credentials in plaintext within the SquashFS-root filesystem associated with the router's firmware. An attacker with physical access could exploit this by extracting the firmware and reverse engineer the binary data to access the plaintext FTP credentials from the vulnerable system. Successful exploitation of this vulnerability could allow the attacker to gain unauthorized access to the FTP server associated with the targeted system.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.07.0HIGH
CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Secondary
Version: 4.0
Base score: 7.0
Base severity: HIGH
Vector:
CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-312Secondaryvdisclose@cert-in.org.in
CWE ID: CWE-312
Type: Secondary
Source: vdisclose@cert-in.org.in
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0225vdisclose@cert-in.org.in
N/A
Hyperlink: https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0225
Source: vdisclose@cert-in.org.in
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

4Records found
CVE-2024-41690
Matching Score-10
Assigner-Indian Computer Emergency Response Team (CERT-In)
ShareView Details
Matching Score-10
Assigner-Indian Computer Emergency Response Team (CERT-In)
CVSS Score-7||HIGH
EPSS-0.04% / 10.44%
||
7 Day CHG~0.00%
Published-26 Jul, 2024 | 12:02
Updated-02 Aug, 2024 | 04:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Default Credential Storage in Plaintext Vulnerability

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to storing of default username and password credentials in plaintext within the router's firmware/ database. An attacker with physical access could exploit this by extracting the firmware and reverse engineer the binary data to access the plaintext default credentials on the vulnerable system. Successful exploitation of this vulnerability could allow the attacker to gain unauthorized access to the targeted system.

Action-Not Available
Vendor-SyroTechsyrotech
Product-SyroTech SY-GPON-1110-WDONT routersy-gpon-1110-wdont_firmware
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2024-41688
Matching Score-10
Assigner-Indian Computer Emergency Response Team (CERT-In)
ShareView Details
Matching Score-10
Assigner-Indian Computer Emergency Response Team (CERT-In)
CVSS Score-7||HIGH
EPSS-0.05% / 15.95%
||
7 Day CHG~0.00%
Published-26 Jul, 2024 | 11:56
Updated-02 Aug, 2024 | 04:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cleartext Storage of Sensitive Information Vulnerability

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due lack of encryption in storing of usernames and passwords within the router's firmware/ database. An attacker with physical access could exploit this by extracting the firmware and reverse engineer the binary data to access the plaintext credentials on the vulnerable system. Successful exploitation of this vulnerability could allow the attacker to gain unauthorized access to the targeted system.

Action-Not Available
Vendor-SyroTech
Product-SyroTech SY-GPON-1110-WDONT router
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2024-38280
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7||HIGH
EPSS-0.06% / 19.91%
||
7 Day CHG~0.00%
Published-13 Jun, 2024 | 17:05
Updated-03 Oct, 2024 | 19:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cleartext Storage in a File or on Disk in Motorola Solutions Vigilant Fixed LPR Coms Box (BCAV1F2-C600)

An unauthorized user is able to gain access to sensitive data, including credentials, by physically retrieving the hard disk of the product as the data is stored in clear text.

Action-Not Available
Vendor-Motorola SolutionsmotorolasolutionsMotorola Mobility LLC. (Lenovo Group Limited)
Product-vigilant_fixed_lpr_coms_box_firmwarevigilant_fixed_lpr_coms_boxVigilant Fixed LPR Coms Box (BCAV1F2-C600)vigilant_fixed_lpr_coms_box
CWE ID-CWE-313
Cleartext Storage in a File or on Disk
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2025-54464
Matching Score-4
Assigner-Indian Computer Emergency Response Team (CERT-In)
ShareView Details
Matching Score-4
Assigner-Indian Computer Emergency Response Team (CERT-In)
CVSS Score-7||HIGH
EPSS-0.01% / 0.27%
||
7 Day CHG~0.00%
Published-13 Aug, 2025 | 11:12
Updated-13 Aug, 2025 | 17:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cleartext Storage Vulnerability in ZKTeco WL20

This vulnerability exists in ZKTeco WL20 due to storage of admin and user credentials without encryption in the device firmware. An attacker with physical access could exploit this vulnerability by extracting the firmware and reverse engineer the binary data to access the unencrypted credentials stored in the firmware of targeted device.

Action-Not Available
Vendor-ZKTeco Co
Product-WL20 Biometric Attendance System
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
Details not found