CVE-2024-41692

Summary

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to presence of root terminal access on a serial interface without proper access control. An attacker with physical access could exploit this by accessing the root shell on the vulnerable system.

Successful exploitation of this vulnerability could allow the attacker to execute arbitrary commands with root privileges on the targeted system.

Affected Software

VendorProductVersion RangeStatus
SyroTechSyroTech SY-GPON-1110-WDONT router3.1.02-231102affected

Weaknesses

  • CWE-1191: CWE-1191: On-Chip Debug and Test Interface With Improper Access Control

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

CVE Program Container

Additional References

References