12 matches found
EUVD-2020-29682
Malware in sbrugna...
EUVD-2021-18164
Malware in sbrugna...
CVE-2020-8839
Stored XSS was discovered on CHIYU BF-430 232/485 TCP/IP Converter devices before 1.16.00, as demonstrated by the /if.cgi TFsubmask field...
VulnCheck KEV: CVE-2021-31250
Multiple storage XSS vulnerabilities were discovered on BF-430, BF-431 and BF-450M TCP/IP Converter devices from CHIYU Technology Inc due to a lack of sanitization of the input on the components man.cgi, if.cgi, dhcpc.cgi, ppp.cgi...
CVE-2021-31249
CHIYU TCP/IP Converter BF-430, BF-431, and BF-450M devices are affected by CVE-2021-31249, a CRLF injection flaw stemming from insufficient validation of the redirect= parameter in multiple CGI components. Exploitation could lead to information disclosure, data modification, or unauthorized admin...
CVE-2021-31252
The CVE-2021-31252 entry corresponds to an open redirect vulnerability in CHIYU Technology devices: BF-630, BF-450M, BF-430, BF-431, BF631-W, BF830-W, Webpass, and SEMAC. According to the connected sources (NVD, CVE lists, CNNVD, PRION), the issue stems from an open redirect mechanism that can be...
多款Chiyu产品注入漏洞
The Chiyu CHIYU BF-430, etc. are all networking servers that provide communication for access control, time and attendance systems, and other devices from Chiyu Technology Chiyu Inc. of Taiwan, China. A security vulnerability exists in CHIYU Technology Inc's BF-430, BF-431, and BF-450M TCP/IP...
PT-2021-19215 · Chiyu Technology · Bf-430 +2
Name of the Vulnerable Software and Affected Versions: CHIYU Technology Inc BF-430, BF-431, and BF-450M TCP/IP Converter devices affected versions not specified Description: A CRLF injection issue was discovered due to a lack of validation on the redirect= parameter available on multiple CGI...
CHIYU IoT devices - (Multiple) Cross-Site Scripting Vulnerability
Exploit Title: CHIYU IoT devices - 'Multiple' Cross-Site Scripting XSS Exploit Author: sirpedrotavares Vendor Homepage: https://www.chiyu-tech.com/msg/msg88.html Software Link: https://www.chiyu-tech.com/category-hardware.html Version: BF-430, BF-431, BF-450M, BF-630, BF631-W, BF830-W, Webpass,...
CVE-2020-8839
Stored XSS was discovered on CHIYU BF-430 232/485 TCP/IP Converter devices before 1.16.00, as demonstrated by the /if.cgi TFsubmask field...
CVE-2020-8839
Stored XSS was discovered on CHIYU BF-430 232/485 TCP/IP Converter devices before 1.16.00, as demonstrated by the /if.cgi TFsubmask field...
CVE-2020-8839
CVE-2020-8839 affects CHIYU BF-430 232/485 TCP/IP Converter web UI prior to version 1.16.00. It is a stored cross-site scripting vulnerability exploitable via the TF_submask field in the /if.cgi page, resulting from lack of proper input validation. Multiple sources (NVD, Red Hat, CNVD, CVE lists)...