CVE-2024-0555 MEDIUM

CVE-2024-0555: Cross-Site Request Forgery (CSRF) vulnerability on WIC1200

Vendor Full Compass Systems
Product WIC1200
Weakness CWE-352 · CSRF
Published January 16, 2024
Last update June 17, 2025

CVSS base score

4.6/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction Required
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L

What the vulnerability does

01Description

A Cross-Site Request Forgery (CSRF) vulnerability has been found on WIC1200, affecting version 1.1. An authenticated user could lead another user into executing unwanted actions inside the application they are logged in. This vulnerability is possible due to the lack of propper CSRF token implementation.

Key dates

02Disclosure timeline

January 16, 2024 CVE published
June 17, 2025 Record updated

Related vulnerabilities

04Related CVE