Chiyu Technology BF-450M Firmware
Approved changes feed: RSS · Atom
cpe:2.3:o:chiyu-tech:bf-450m_firmware:-:*:*:*:*:*:*:*
part: o version: - update: *
| Vendor | Chiyu Tech (c736486b-d6c3-568e-9a53-51d4ba69bcaf) |
|---|---|
| Product | Bf 450M Firmware (c1ac6833-8d23-53ca-bb9f-b3e8db44d433) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2021-31641 |
vulnerable | 2026-06-03 14:44:33.400404 |
Details available
An unauthenticated XSS vulnerability exists in several IoT devices from CHIYU Technology, including BF-630, BF-450M, BF-430, BF-431, BF631-W, BF830-W, Webpass, BF-MINI-W, and SEMAC due to a lack of sanitization when the HTTP 404 message is generated.
Published: 2021-06-01T14:11:39.000Z
Updated: 2024-08-03T23:03:33.666Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-31252 |
vulnerable | 2026-06-03 14:44:32.034955 |
Details available
An open redirect vulnerability exists in BF-630, BF-450M, BF-430, BF-431, BF631-W, BF830-W, Webpass, and SEMAC devices from CHIYU Technology that can be exploited by sending a link that has a specially crafted URL to convince the user to click on it.
Published: 2021-06-04T20:21:47.000Z
Updated: 2024-08-03T22:55:53.302Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-31251 |
vulnerable | 2026-06-03 14:44:32.025530 |
Details available
An authentication bypass in telnet server in BF-430 and BF431 232/422 TCP/IP Converter, BF-450M and SEMAC from CHIYU Technology Inc allows obtaining a privileged connection with the target device by supplying a specially malformed request and an attacker may force the remote telnet server to believe that the user has already authenticated.
Published: 2021-06-04T20:25:52.000Z
Updated: 2024-08-03T22:55:53.355Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-31250 |
vulnerable | 2026-06-03 14:44:32.024933 |
Details available
Multiple storage XSS vulnerabilities were discovered on BF-430, BF-431 and BF-450M TCP/IP Converter devices from CHIYU Technology Inc due to a lack of sanitization of the input on the components man.cgi, if.cgi, dhcpc.cgi, ppp.cgi.
Published: 2021-06-04T20:28:06.000Z
Updated: 2024-08-03T22:55:53.341Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-31249 |
vulnerable | 2026-06-03 14:44:32.023903 |
Details available
A CRLF injection vulnerability was found on BF-430, BF-431, and BF-450M TCP/IP Converter devices from CHIYU Technology Inc due to a lack of validation on the parameter redirect= available on multiple CGI components.
Published: 2021-06-04T20:29:58.000Z
Updated: 2024-08-03T22:55:52.220Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.