CVE-2024-0554
The CVE-2024-0554 entry describes an XSS in Xantech WIC1200 v1.1. An authenticated user can store a malicious payload in the device model parameter via /setup/diags_ir_learn.asp, enabling retrieval of other users’ session details. Affected component: WIC1200 device, firmware 1.1. Root cause: impr...