CVE-2024-41685
Severity:
Pending analysis
Type:
Unavailable / Other
Publication date:
26/07/2024
Last modified:
26/07/2024
Description
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to missing HTTPOnly flag for the session cookies associated with the router&#39;s web management interface. An attacker with remote access could exploit this by intercepting transmission within an HTTP session on the vulnerable system.<br />
<br />
Successful exploitation of this vulnerability could allow the attacker to capture cookies and obtain sensitive information on the targeted system.