This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to storing of FTP credentials in plaintext within the SquashFS-root filesystem associated with the router's firmware. An attacker with physical access could exploit this by extracting the firmware and reverse engineer the binary data to access the plaintext FTP credentials from the vulnerable system. Successful exploitation of this vulnerability could allow the attacker to gain unauthorized access to the FTP server associated with the targeted system.
CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XSyrotech Sy Gpon 1110 Wdont
HWSyrotechwszystkie wersjeSyrotech Sy Gpon 1110 Wdont Firmware
OSSyrotech3.1.02-231102
Related vulnerabilities
Syrotech SY-GPON-1110-WDONT: ujawnienie kluczy SSL w firmware
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to improper implementation of password pol...
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to transmission of password in plain text....
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due lack of encryption in storing of usernames...
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to storing of default username and passwor...