Kaleris NAVIS N4 ULC (Ultra Light Client) communicates insecurely using zlib-compressed data over HTTP. An attacker capable of observing network traffic between Ultra Light Clients and N4 servers can extract sensitive information, including plaintext credentials.
The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.