Bf-450m Firmware Security Vulnerabilities and Issues — Bf-450m Firmware CVE List

Lucene search

Chiyu-techBf-450m Firmware

5 matches found

CVE•added 2021/06/04 9:15 p.m.•140 views

CVE-2021-31251

An authentication bypass in telnet server in BF-430 and BF431 232/422 TCP/IP Converter, BF-450M and SEMAC from CHIYU Technology Inc allows obtaining a privileged connection with the target device by supplying a specially malformed request and an attacker may force the remote telnet server to believ...

9.8CVSS9.4AI score0.09587EPSS

CVE•added 2021/06/04 9:15 p.m.•130 views

CVE-2021-31250

Multiple storage XSS vulnerabilities were discovered on BF-430, BF-431 and BF-450M TCP/IP Converter devices from CHIYU Technology Inc due to a lack of sanitization of the input on the components man.cgi, if.cgi, dhcpc.cgi, ppp.cgi.

5.4CVSS5.8AI score0.89372EPSS

CVE•added 2021/06/04 9:15 p.m.•118 views

CVE-2021-31249

A CRLF injection vulnerability was found on BF-430, BF-431, and BF-450M TCP/IP Converter devices from CHIYU Technology Inc due to a lack of validation on the parameter redirect= available on multiple CGI components.

6.5CVSS6.5AI score0.9258EPSS

CVE•added 2021/06/01 3:15 p.m.•88 views

CVE-2021-31641

An unauthenticated XSS vulnerability exists in several IoT devices from CHIYU Technology, including BF-630, BF-450M, BF-430, BF-431, BF631-W, BF830-W, Webpass, BF-MINI-W, and SEMAC due to a lack of sanitization when the HTTP 404 message is generated.

6.1CVSS6AI score0.01159EPSS

CVE•added 2021/06/04 9:15 p.m.•68 views

CVE-2021-31252

An open redirect vulnerability exists in BF-630, BF-450M, BF-430, BF-431, BF631-W, BF830-W, Webpass, and SEMAC devices from CHIYU Technology that can be exploited by sending a link that has a specially crafted URL to convince the user to click on it.

6.1CVSS6.2AI score0.02868EPSS