What is CVE-2021-31250?

CVE-2021-31250 is a vulnerability in N/a. Published 2021-06-04.

Is CVE-2021-31250 known to be exploited?

3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2021-31250

Multiple storage XSS vulnerabilities were discovered on BF-430, BF-431 and BF-450M TCP/IP Converter devices from CHIYU Technology Inc due to a lack of sanitization of the input on the components man.cgi, if.cgi, dhcpc.cgi, ppp.cgi.

EPSS: 0.845 (99.3th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

20142995/nuclei-templates
ARPSyndicate/cvemon
ARPSyndicate/kenzer-templates

References

seguranca-informatica.pt/dancing-in-the-iot-chiyu-devices-vulnerable-to-remote-… (x_refsource_MISC)
gitbook.seguranca-informatica.pt/cve-and-exploits/cves/chiyu-iot-devices (x_refsource_MISC)
www.chiyu-tech.com/msg/message-Firmware-update-87.htm (x_refsource_MISC)

Frequently asked questions

What is CVE-2021-31250?: CVE-2021-31250 is a vulnerability in N/a. Published 2021-06-04.
Is CVE-2021-31250 known to be exploited?: 3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.