Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jio vulnerabilities and exploits
(subscribe to this query)
685
VMScore
CVE-2018-15181
JioFi 4G Hotspot M2S devices allow malicious users to cause a denial of service (secure configuration outage) via an XSS payload in the SSID name and Security Key fields.
Jio 4g Hotspot M2s Firmware -
1 EDB exploit
615
VMScore
CVE-2019-7439
cgi-bin/qcmap_web_cgi on JioFi 4G M2S 1.0.2 devices allows a DoS (Hang) via the mask POST parameter.
Jio Jiofi 4g M2s Firmware 1.0.2
1 EDB exploit
435
VMScore
CVE-2019-7440
JioFi 4G M2S 1.0.2 devices have CSRF via the SSID name and Security Key field under Edit Wi-Fi Settings (aka a SetWiFi_Setting request to cgi-bin/qcmap_web_cgi).
Jio Jiofi 4g M2s Firmware 1.0.2
1 EDB exploit
435
VMScore
CVE-2019-7438
cgi-bin/qcmap_web_cgi on JioFi 4G M2S 1.0.2 devices has XSS and HTML injection via the mask POST parameter.
Jio Jiofi 4g M2s Firmware 1.0.2
1 EDB exploit
383
VMScore
CVE-2019-7687
cgi-bin/qcmap_web_cgi on JioFi 4 jmr1140 Amtel_JMR1140_R12.07 devices has POST based reflected XSS via the Page parameter. No sanitization is performed for user input data.
Jio Jmr1140 Firmware Amtel Jmr1140 R12.07
445
VMScore
CVE-2019-7745
JioFi 4 jmr1140 Amtel_JMR1140_R12.07 devices allow remote malicious users to obtain the Wi-Fi password by making a cgi-bin/qcmap_web_cgi Page=GetWiFi_Setting request and then reading the wpa_security_key field.
Jio Jmr1140 Firmware Amtel Jmr1140 R12.07
383
VMScore
CVE-2019-7746
JioFi 4 jmr1140 Amtel_JMR1140_R12.07 devices allow remote malicious users to obtain an admin token by making a /cgi-bin/qcmap_auth type=getuser request and then reading the token field. This token value can then be used to change the Wi-Fi password or perform a factory reset.
Jio Jmr1140 Firmware Amtel Jmr1140 R12.07
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started