Vulnerabilities > CVE-2019-7745 - Unspecified vulnerability in JIO Jmr1140 Firmware Amteljmr1140R12.07

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
jio
exploit available

Summary

JioFi 4 jmr1140 Amtel_JMR1140_R12.07 devices allow remote attackers to obtain the Wi-Fi password by making a cgi-bin/qcmap_web_cgi Page=GetWiFi_Setting request and then reading the wpa_security_key field.

Vulnerable Configurations

Part Description Count
OS
Jio
1
Hardware
Jio
1

Exploit-Db

idEDB-ID:46364
last seen2019-02-13
modified2019-02-13
published2019-02-13
reporterExploit-DB
sourcehttps://www.exploit-db.com/download/46364
titleJiofi 4 (JMR 1140 Amtel_JMR1140_R12.07) - Cross-Site Request Forgery (Password Disclosure)