CVE-2019-7687

Name of the Vulnerable Software and Affected Versions JioFi 4 jmr1140 Amtel JMR1140 R12.07

Description The issue concerns a reflected XSS vulnerability. It occurs via the Page parameter in the cgi-bin/qcmap web cgi endpoint. The problem arises because no sanitization is performed on user input data, allowing for potential exploitation.

Recommendations For JioFi 4 jmr1140 Amtel JMR1140 R12.07, as a temporary workaround, consider restricting access to the cgi-bin/qcmap web cgi endpoint until a patch is available. Avoid using the Page parameter in this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.