{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-23T13:50:43.614","vulnerabilities":[{"cve":{"id":"CVE-2024-0555","sourceIdentifier":"cve-coordination@incibe.es","published":"2024-01-16T11:15:08.493","lastModified":"2026-06-17T06:53:46.110","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A Cross-Site Request Forgery (CSRF) vulnerability has been found on WIC1200, affecting version 1.1. An authenticated user could lead another user into executing unwanted actions inside the application they are logged in. This vulnerability is possible due to the lack of propper CSRF token implementation."},{"lang":"es","value":"Se ha encontrado una vulnerabilidad de Cross-Site Request Forgery (CSRF) en WIC1200, que afecta a la versión 1.1. Un usuario autenticado podría llevar a otro usuario a ejecutar acciones no deseadas dentro de la aplicación en la que inició sesión. Esta vulnerabilidad es posible debido a la falta de una implementación adecuada del token CSRF."}],"affected":[{"source":"cve-coordination@incibe.es","affectedData":[{"vendor":"Full Compass Systems","product":"WIC1200","defaultStatus":"unaffected","versions":[{"version":"1.1","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"cve-coordination@incibe.es","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L","baseScore":4.6,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.1,"impactScore":2.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H","baseScore":8.0,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.1,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-01-16T20:22:05.822146Z","id":"CVE-2024-0555","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cve-coordination@incibe.es","type":"Secondary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:xantech:wic1200_firmware:1.1:*:*:*:*:*:*:*","matchCriteriaId":"27A5FA72-8BA5-4BE7-89D2-8D85C1554A8A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:xantech:wic1200:-:*:*:*:*:*:*:*","matchCriteriaId":"04CACDA7-1954-4FDE-998A-E5675B65787F"}]}]}],"references":[{"url":"https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-full-compass-systems-wic1200","source":"cve-coordination@incibe.es","tags":["Third Party Advisory"]},{"url":"https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-full-compass-systems-wic1200","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}