CSRF Vulnerability in JioFi 4G M2S 1.0.2 Devices via Edit Wi-Fi Settings

CSRF Vulnerability in JioFi 4G M2S 1.0.2 Devices via Edit Wi-Fi Settings

CVE-2019-7440 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

JioFi 4G M2S 1.0.2 devices have CSRF via the SSID name and Security Key field under Edit Wi-Fi Settings (aka a SetWiFi_Setting request to cgi-bin/qcmap_web_cgi).

Learn more about our Web App Pen Testing.