CVE-2019-7687

cgi-bin/qcmapwebcgi on JioFi 4 jmr1140 AmtelJMR1140R12.07 devices has POST based reflected XSS via the Page parameter. No sanitization is performed for user input data...

JioFi 4G M2S 1.0.2 - Denial of Service

JioFi 4G M2S 1.0.2 - Denial of Service Exploit Title: cgi-bin/qcmapwebcgi on JioFi 4G M2S 1.0.2 devices allows a DoS Hang via the mask POST parameter Exploit Author: Vikas Chaudhary Date: 21-01-2019 Vendor Homepage: https://www.jio.com/ Hardware Link:...

JioFi 4G M2S 1.0.2 Denial Of Service

Exploit Title: cgi-bin/qcmapwebcgi on JioFi 4G M2S 1.0.2 devices allows a DoS Hang via the mask POST parameter Exploit Author: Vikas Chaudhary Date: 21-01-2019 Vendor Homepage: https://www.jio.com/ Hardware Link:...

CVE-2019-7440

Affected product: JioFi 4G M2S 1.0.2. Vulnerability: Cross-Site Request Forgery (CSRF) via the SSID name and Security Key field in Edit Wi‑Fi Settings (SetWiFi_Setting to cgi-bin/qcmap_web_cgi). Root cause: HTTP requests processed without proper validity checks enabling state-changing actions. Im...

CVE-2019-7439

CVE-2019-7439 affects JioFi 4G M2S 1.0.2 devices. The vulnerability is in cgi-bin/qcmap_web_cgi and allows a DoS (Hang) via the mask POST parameter. Multiple sources (NVD CVE entry, Exploit-DB listing, Packet Storm) document the issue and a DoS exposure. No remediation or patch information is pro...