Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-7439 | 1 Jio | 2 Jiofi 4g M2s, Jiofi 4g M2s Firmware | 2020-08-24 | 6.1 MEDIUM | 6.5 MEDIUM |
cgi-bin/qcmap_web_cgi on JioFi 4G M2S 1.0.2 devices allows a DoS (Hang) via the mask POST parameter. | |||||
CVE-2019-7438 | 1 Jio | 2 Jiofi 4g M2s, Jiofi 4g M2s Firmware | 2019-04-26 | 4.3 MEDIUM | 6.1 MEDIUM |
cgi-bin/qcmap_web_cgi on JioFi 4G M2S 1.0.2 devices has XSS and HTML injection via the mask POST parameter. | |||||
CVE-2019-7440 | 1 Jio | 2 Jiofi 4g M2s, Jiofi 4g M2s Firmware | 2019-04-02 | 4.3 MEDIUM | 6.5 MEDIUM |
JioFi 4G M2S 1.0.2 devices have CSRF via the SSID name and Security Key field under Edit Wi-Fi Settings (aka a SetWiFi_Setting request to cgi-bin/qcmap_web_cgi). |