Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Wic1200 Firmware Security Vulnerabilities

cve
cve

CVE-2024-0554

A Cross-site scripting (XSS) vulnerability has been found on WIC1200, affecting version 1.1. An authenticated user could store a malicious javascript payload in the device model parameter via '/setup/diags_ir_learn.asp', allowing the attacker to retrieve the session details of another user.

5.5CVSS

5.2AI Score

0.0004EPSS

2024-01-16 11:15 AM
9
cve
cve

CVE-2024-0555

A Cross-Site Request Forgery (CSRF) vulnerability has been found on WIC1200, affecting version 1.1. An authenticated user could lead another user into executing unwanted actions inside the application they are logged in. This vulnerability is possible due to the lack of propper CSRF token implement...

8CVSS

7.8AI Score

0.001EPSS

2024-01-16 11:15 AM
13
cve
cve

CVE-2024-0556

A Weak Cryptography for Passwords vulnerability has been detected on WIC200 affecting version 1.1. This vulnerability allows a remote user to intercept the traffic and retrieve the credentials from another user and decode it in base64 allowing the attacker to see the credentials in plain text.

7.1CVSS

6.4AI Score

0.001EPSS

2024-01-16 11:15 AM
13