Vulnerabilities > CVE-2024-0556 - Unspecified vulnerability in Xantech Wic1200 Firmware 1.1

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

xantech

NVD

Published: 2024-01-16

Updated: 2024-11-21

Summary

A Weak Cryptography for Passwords vulnerability has been detected on WIC200 affecting version 1.1. This vulnerability allows a remote user to intercept the traffic and retrieve the credentials from another user and decode it in base64 allowing the attacker to see the credentials in plain text.

Vulnerable Configurations

Part	Description	Count
OS	Xantech Xantech Wic1200 Firmware 1.1	1
Hardware	Xantech Xantech Wic1200 -	1

References

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-full-compass-systems-wic1200
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-full-compass-systems-wic1200