Jio Jiofi 4G M2S Firmware vulnerabilities
3 known vulnerabilities affecting jio/jiofi_4g_m2s_firmware.
Total CVEs
3
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2019-7438P3MEDIUMCVSS 6.1PoCv1.0.22019-03-21
CVE-2019-7438 [MEDIUM] CWE-79 CVE-2019-7438: cgi-bin/qcmap_web_cgi on JioFi 4G M2S 1.0.2 devices has XSS and HTML injection via the mask POST par
cgi-bin/qcmap_web_cgi on JioFi 4G M2S 1.0.2 devices has XSS and HTML injection via the mask POST parameter.
nvd
CVE-2019-7440P3MEDIUMCVSS 6.5PoCv1.0.22019-03-21
CVE-2019-7440 [MEDIUM] CWE-352 CVE-2019-7440: JioFi 4G M2S 1.0.2 devices have CSRF via the SSID name and Security Key field under Edit Wi-Fi Setti
JioFi 4G M2S 1.0.2 devices have CSRF via the SSID name and Security Key field under Edit Wi-Fi Settings (aka a SetWiFi_Setting request to cgi-bin/qcmap_web_cgi).
nvd
CVE-2019-7439P3MEDIUMCVSS 6.5PoCv1.0.22019-03-21
CVE-2019-7439 [MEDIUM] CVE-2019-7439: cgi-bin/qcmap_web_cgi on JioFi 4G M2S 1.0.2 devices allows a DoS (Hang) via the mask POST parameter.
cgi-bin/qcmap_web_cgi on JioFi 4G M2S 1.0.2 devices allows a DoS (Hang) via the mask POST parameter.
nvd