63 matches found
CVE-2019-7745
JioFi 4 jmr1140 AmtelJMR1140R12.07 devices allow remote attackers to obtain the Wi-Fi password by making a cgi-bin/qcmapwebcgi Page=GetWiFiSetting request and then reading the wpasecuritykey field...
EUVD-2018-7060
Malware in sbrugna...
EUVD-2019-17273
Malware in sbrugna...
EUVD-2019-16982
Malware in sbrugna...
EUVD-2019-17219
Malware in sbrugna...
EUVD-2019-16980
Malware in sbrugna...
CVE-2019-7687
cgi-bin/qcmapwebcgi on JioFi 4 jmr1140 AmtelJMR1140R12.07 devices has POST based reflected XSS via the Page parameter. No sanitization is performed for user input data...
CVE-2019-7746
JioFi 4 jmr1140 AmtelJMR1140R12.07 devices allow remote attackers to obtain an admin token by making a /cgi-bin/qcmapauth type=getuser request and then reading the token field. This token value can then be used to change the Wi-Fi password or perform a factory reset...
CVE-2019-7745
JioFi 4 jmr1140 AmtelJMR1140R12.07 devices allow remote attackers to obtain the Wi-Fi password by making a cgi-bin/qcmapwebcgi Page=GetWiFiSetting request and then reading the wpasecuritykey field...
CVE-2019-7746
JioFi 4 jmr1140 AmtelJMR1140R12.07 devices allow remote attackers to obtain an admin token by making a /cgi-bin/qcmapauth type=getuser request and then reading the token field. This token value can then be used to change the Wi-Fi password or perform a factory reset...
CVE-2019-7746
JioFi 4 jmr1140 AmtelJMR1140R12.07 devices allow remote attackers to obtain an admin token by making a /cgi-bin/qcmapauth type=getuser request and then reading the token field. This token value can then be used to change the Wi-Fi password or perform a factory reset...
CVE-2019-7745
JioFi 4 jmr1140 AmtelJMR1140R12.07 devices allow remote attackers to obtain the Wi-Fi password by making a cgi-bin/qcmapwebcgi Page=GetWiFiSetting request and then reading the wpasecuritykey field...
CVE-2019-7687
cgi-bin/qcmapwebcgi on JioFi 4 jmr1140 AmtelJMR1140R12.07 devices has POST based reflected XSS via the Page parameter. No sanitization is performed for user input data...
CVE-2019-7687
cgi-bin/qcmapwebcgi on JioFi 4 jmr1140 AmtelJMR1140R12.07 devices has POST based reflected XSS via the Page parameter. No sanitization is performed for user input data...
Cross site request forgery (csrf)
JioFi 4 jmr1140 AmtelJMR1140R12.07 devices allow remote attackers to obtain the Wi-Fi password by making a cgi-bin/qcmapwebcgi Page=GetWiFiSetting request and then reading the wpasecuritykey field...
Cross site request forgery (csrf)
JioFi 4 jmr1140 AmtelJMR1140R12.07 devices allow remote attackers to obtain an admin token by making a /cgi-bin/qcmapauth type=getuser request and then reading the token field. This token value can then be used to change the Wi-Fi password or perform a factory reset...
Cross site scripting
cgi-bin/qcmapwebcgi on JioFi 4 jmr1140 AmtelJMR1140R12.07 devices has POST based reflected XSS via the Page parameter. No sanitization is performed for user input data...
CVE-2019-7746
JioFi 4 jmr1140 AmtelJMR1140R12.07 devices allow remote attackers to obtain an admin token by making a /cgi-bin/qcmapauth type=getuser request and then reading the token field. This token value can then be used to change the Wi-Fi password or perform a factory reset...
CVE-2019-7746
CVE-2019-7746 affects JioFi 4 (JMR1140 Amtel_JMR1140_R12.07). The connected records confirm a token disclosure vulnerability via a CSRF-style flow: an attacker can trigger a /cgi-bin/qcmap_auth?action=getuser request and read the admin token from the response, enabling changes to the Wi‑Fi passwo...
CVE-2019-7745
CVE-2019-7745 affects JioFi 4 (JMR1140 Amtel_JMR1140_R12.07). A flaw in the CGI qcmap_web_cgi Page=GetWiFi_Setting allows remote attackers to read the wpa_security_key (Wi‑Fi password) from the device. Documented by NVD/Red Hat and corroborated by exploit‑DB entries; the vulnerability is exposure...