3 matches found
JioFi 4G M2S 1.0.2 - Cross-Site Request Forgery Vulnerability
Exploit for php platform in category web applications Exploit Title: JioFi 4G M2S 1.0.2 devices have CSRF via the SSID name and Security Key field under Edit Wi-Fi Settings aka a SetWiFiSetting request to cgi-bin/qcmapwebcgi Exploit Author: Vikas Chaudhary Vendor Homepage: https://www.jio.com/...
CVE-2019-7440
JioFi 4G M2S 1.0.2 devices have CSRF via the SSID name and Security Key field under Edit Wi-Fi Settings aka a SetWiFiSetting request to cgi-bin/qcmapwebcgi...
CVE-2019-7440
Affected product: JioFi 4G M2S 1.0.2. Vulnerability: Cross-Site Request Forgery (CSRF) via the SSID name and Security Key field in Edit Wi‑Fi Settings (SetWiFi_Setting to cgi-bin/qcmap_web_cgi). Root cause: HTTP requests processed without proper validity checks enabling state-changing actions. Im...