CVE

CVE-2024-41684

Severity:

Pending analysis

Type:

Unavailable / Other

Publication date:

26/07/2024

Last modified:

26/07/2024

Description

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to missing secure flag for the session cookies associated with the router&#39;s web management interface. An attacker with remote access could exploit this by intercepting transmission within an HTTP session on the vulnerable system.<br /> <br /> Successful exploitation of this vulnerability could allow the attacker to capture cookies and compromise the targeted system.

References to Advisories, Solutions, and Tools

https://cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0225