Home > jiofi
jio-router-vulnerability-cve-2019-7440

JioFi 4G M2S 1.0.2 devices have CSRF via the SSID name and Security Key field under Edit Wi-Fi Settings-CVE-2019-7440

# Exploit Title: JioFi 4G M2S 1.0.2 devices have CSRF via the SSID name and Security Key field under Edit Wi-Fi Settings (aka a SetWiFi_Setting request to cgi-bin/qcmap_web_cgi) # Exploit Author: Vikas Chaudhary # Date: 21-01-2019 # Vendor Homepage: https://www.jio.com/ # Hardware Link: https://www.amazon.in/JioFi-Hotspot-M2S-Portable-Device/dp/B075P7BLV5/ref=sr_1_1?s=computers&ie=UTF8&qid=1531032476&sr=1-1&keywords=JioFi+M2S+Wireless+Data+Card++%28Black%29 # Version: JioFi 4G Hotspot M2S 150 Mbps Wireless Router # Category: Hardware # Contact: https://www.facebook.com/profile.php?id=100011287630308 # Web: https://gkaim.com/ # Tested on: Windows 10 X64- Firefox-65.0 # CVE-2019-7440 *********************************************************************** ## Vulnerability Description :- The application allows users

Read More