JioFi 4 jmr1140 Amtel_JMR1140_R12.07 - Remote Admin Token Disclosure Vulnerability

JioFi 4 jmr1140 Amtel_JMR1140_R12.07 - Remote Admin Token Disclosure Vulnerability

CVE-2019-7746 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:N

JioFi 4 jmr1140 Amtel_JMR1140_R12.07 devices allow remote attackers to obtain an admin token by making a /cgi-bin/qcmap_auth type=getuser request and then reading the token field. This token value can then be used to change the Wi-Fi password or perform a factory reset.

Learn more about our User Device Pen Test.