CSRF Vulnerability in WIC1200 Version 1.1: Unauthorized Actions Execution

CSRF Vulnerability in WIC1200 Version 1.1: Unauthorized Actions Execution

CVE-2024-0555 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

A Cross-Site Request Forgery (CSRF) vulnerability has been found on WIC1200, affecting version 1.1. An authenticated user could lead another user into executing unwanted actions inside the application they are logged in. This vulnerability is possible due to the lack of propper CSRF token implementation.

Learn more about our User Device Pen Test.