Unencrypted WPA/WPS Credentials in SyroTech Router Could Lead to Wi-Fi Network Access
CVE-2024-41689

4.6MEDIUM

Key Information:

Vendor: Syrotech
Status: Syrotech Sy-gpon-1110-wdont Router
Vendor: CVE Published:; 26 July 2024

What is CVE-2024-41689?

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to unencrypted storing of WPA/ WPS credentials within the router's firmware/ database. An attacker with physical access could exploit this by extracting the firmware and reverse engineer the binary data to access the plaintext WPA/ WPS credentials on the vulnerable system.

Successful exploitation of this vulnerability could allow the attacker to bypass WPA/ WPS and gain access to the Wi-Fi network of the targeted system.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

SyroTech SY-GPON-1110-WDONT router 3.1.02-231102

References

https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOT...

third-party-advisory

CVSS V3.1

Score:

4.6

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 26, 2024
Vulnerability Reserved
Jul 19, 2024

Credit

These vulnerabilities are discovered by Shravan Singh, Rahul Giri, & Karan Patel from Redfox Cyber Security Inc, Toronto, Canada.

JSON

Syrotech

What is CVE-2024-41689?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.