Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2024-0554
HistoryJan 16, 2024 - 11:15 a.m.

Cross site scripting

2024-01-1611:15:00
PRIOn knowledge base
www.prio-n.com
2
cross-site scripting
wic1200
version 1.1
authenticated user
malicious javascript payload
device model parameter
setup
diags_ir_learn.asp
session details

6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

13.3%

JSON

A Cross-site scripting (XSS) vulnerability has been found on WIC1200, affecting version 1.1. An authenticated user could store a malicious javascript payload in the device model parameter via ‘/setup/diags_ir_learn.asp’, allowing the attacker to retrieve the session details of another user.

CPENameOperatorVersion
wic1200_firmwareeq1.1

Related

cve 1
cvelist 1
nvd 1
cve
cve
CVE-2024-0554
2024-01-16 11:15:07
cvelist
cvelist
CVE-2024-0554 Cross-site scripting (XSS) vulnerability on WIC1200
2024-01-16 10:08:29
nvd
nvd
CVE-2024-0554
2024-01-16 11:15:07

6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

13.3%

JSON
Related for PRION:CVE-2024-0554
cve1cvelist1nvd1