Yashodhanvivek

**Name of the Vulnerable Software and Affected Versions** Syrotech SY-GPON-1110-WDONT SYRO 3.7L 3.1.02-240517 **Description** An issue exists in Syrotech SY-GPON-1110-WDONT firmware where an attacker can extract the SSL Private Key, CA Certificate, SSL Certificate, and Client Certificates in .pem format from the etc folder. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Agasta Easytouch+ version 9.3.97 **Description** The device has an insecure permission issue that allows unauthorized mobile applications to connect via Bluetooth Low Energy (BLE) without authentication. Establishing an unauthorized connection prevents legitimate applications from connecting, resulting in a denial of service. The attack requires proximity to the device and is exploitable from an adjacent network location. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.