2024-01-16 10:08:29
INCIBE
PUBLISHED
A Cross-site scripting (XSS) vulnerability has been found on WIC1200, affecting version 1.1. An authenticated user could store a malicious javascript payload in the device model parameter via /setup/diags_ir_learn.asp, allowing the attacker to retrieve the session details of another user.