cgi-bin/qcmap_web_cgi on JioFi 4G M2S 1.0.2 devices allows a DoS (Hang) via the mask POST parameter-CVE-2019-7439

# Exploit Title: cgi-bin/qcmap_web_cgi on JioFi 4G M2S 1.0.2 devices allows a DoS (Hang) via the mask POST parameter # Exploit Author: Vikas Chaudhary # Date: 21-01-2019 # Vendor Homepage: https://www.jio.com/ # Hardware Link: https://www.amazon.in/JioFi-Hotspot-M2S-Portable-Device/dp/B075P7BLV5/ref=sr_1_1?s=computers&ie=UTF8&qid=1531032476&sr=1-1&keywords=JioFi+M2S+Wireless+Data+Card++%28Black%29

Read More Leave a comment

cgi-bin/qcmap_web_cgi on JioFi 4G M2S 1.0.2 devices has XSS via the mask POST parameter-CVE-2019-7438 (XSS)

# Exploit Title: cgi-bin/qcmap_web_cgi on JioFi 4G M2S 1.0.2 devices has XSS Injection via the mask POST parameter. # Exploit Author: Vikas Chaudhary # Date: 21-01-2019 # Vendor Homepage: https://www.jio.com/ # Hardware Link: https://www.amazon.in/JioFi-Hotspot-M2S-Portable-Device/dp/B075P7BLV5/ref=sr_1_1?s=computers&ie=UTF8&qid=1531032476&sr=1-1&keywords=JioFi+M2S+Wireless+Data+Card++%28Black%29 #

Read More Leave a comment

cgi-bin/qcmap_web_cgi on JioFi 4G M2S 1.0.2 devices has HTML injection via the mask POST parameter-CVE-2019-7438 (HTML)

# Exploit Title: cgi-bin/qcmap_web_cgi on JioFi 4G M2S 1.0.2 devices has HTML injection via the mask POST parameter. # Exploit Author: Vikas Chaudhary # Date: 21-01-2019 # Vendor Homepage: https://www.jio.com/ # Hardware Link: https://www.amazon.in/JioFi-Hotspot-M2S-Portable-Device/dp/B075P7BLV5/ref=sr_1_1?s=computers&ie=UTF8&qid=1531032476&sr=1-1&keywords=JioFi+M2S+Wireless+Data+Card++%28Black%29 #

Read More Leave a comment

You May Have Missed