Vulnerability in Syrotech Sy-gpon-1110-wdont Router

CVE-2024-41684

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to missing secure flag for the session cookies associated with the router's web management interface. An attacker with remote access could exploit this by intercepting tra…

EPSS: 0.001 (29.3th percentile) — read the EPSS interpretation.

Affected products

Syrotech Sy-gpon-1110-wdont Router — versions 3.1.02-231102

Weakness classification (CWE)

CWE-614 — Sensitive Cookie in HTTPS Session Without 'Secure' Attribute

References

www.cert-in.org.in/s2cMainServlet (third-party-advisory)