This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to missing HTTPOnly flag for the session cookies associated with the router's web management interface. An attacker with remote access could exploit this by intercepting transmission within an HTTP session on the vulnerable system. Successful exploitation of this vulnerability could allow the attacker to capture cookies and obtain sensitive information on the targeted system.
History

Fri, 22 Nov 2024 12:00:00 +0000


Thu, 10 Oct 2024 13:15:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:h:syrotech:sy-gpon-1110-wdont:*:*:*:*:*:*:*:* cpe:2.3:h:syrotech:sy-gpon-1110-wdont:-:*:*:*:*:*:*:*

cve-icon MITRE

Status: PUBLISHED

Assigner: CERT-In

Published: 2024-07-26T11:41:53.968Z

Updated: 2024-08-02T04:46:52.672Z

Reserved: 2024-07-19T11:24:20.419Z

Link: CVE-2024-41685

cve-icon Vulnrichment

Updated: 2024-07-26T14:37:49.197Z

cve-icon NVD

Status : Modified

Published: 2024-07-26T12:15:02.977

Modified: 2024-11-21T09:32:58.130

Link: CVE-2024-41685

cve-icon Redhat

No data.