Vikas Chaudhary

**Name of the Vulnerable Software and Affected Versions** JioFi 4G M2S version 1.0.2 **Description** The issue concerns the `cgi-bin/qcmap web cgi` endpoint on the affected device, where an attacker can exploit XSS and HTML injection vulnerabilities via the `mask` POST parameter. **Recommendations** For version 1.0.2, avoid using the `mask` parameter in the `cgi-bin/qcmap web cgi` endpoint until a fix is available. As a temporary workaround, consider restricting access to this endpoint to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** JioFi 4G M2S version 1.0.2 **Description** The issue affects the cgi-bin/qcmap web cgi endpoint on the device, allowing a denial of service (DoS) that causes the device to hang when the `mask` POST parameter is exploited. **Recommendations** For JioFi 4G M2S version 1.0.2, as a temporary workaround, consider restricting access to the cgi-bin/qcmap web cgi endpoint to minimize the risk of exploitation. Avoid using the `mask` parameter in the affected endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** JioFi 4G M2S version 1.0.2 **Description** The issue concerns a CSRF vulnerability that can be exploited via the SSID name and Security Key field under Edit Wi-Fi Settings. This is achieved through a SetWiFi Setting request to the "cgi-bin/qcmap web cgi" endpoint. **Recommendations** For JioFi 4G M2S version 1.0.2, as a temporary workaround, consider restricting access to the Edit Wi-Fi Settings page to minimize the risk of exploitation. Avoid using the `SSID name` and `Security Key` fields in the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** WooCommerce PayPal Checkout Payment Gateway plugin version 1.6.8 **Description** The issue allows Parameter Tampering in an `amount` parameter, such as `amount 1`, in the `/cgi-bin/webscr?cmd= cart` endpoint. This can be exploited by purchasing an item for a lower price than intended. However, the plugin author notes that the amount is validated against the WooCommerce order total before completing the order. If the amounts do not match, the order will be left in an "On Hold" state. **Recommendations** For version 1.6.8, consider restricting the use of the `amount 1` parameter in the `/cgi-bin/webscr?cmd= cart` endpoint until a patch is available. Additionally, monitor orders for discrepancies between the intended and actual prices to minimize potential financial losses. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** JioFi 4G Hotspot M2S (affected versions not specified) **Description** The issue allows attackers to cause a denial of service, specifically a secure configuration outage, by injecting an XSS payload into the SSID name and Security Key fields. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.